Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
11866	2021-08-29 12:47	5a7832139d3efa9171c4d7a2b254a8... 0e345c21a363a5b2f7e1671ca4240100 Malicious Library PE File OS Processor Check PE32 DLL VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AppData folder sandbox evasion IP Check Tofsee ComputerName	5 Keyword trend analysis	11 Info google.vrthcobj.com(34.97.69.225) - mailcious crl.identrust.com(119.207.65.74) a.upstloans.net(172.67.179.248) a.goatgame.co(104.21.79.144) - malware ip-api.com(208.95.112.1) b.upstloans.net(172.67.179.248) 104.21.79.144 - malware 121.254.136.27 34.97.69.225 - mailcious 208.95.112.1 172.67.179.248	2		7.6	M	21	ZeroCERT

11867	2021-08-29 12:49	info.exe e89e203d78f37985b615aef3e1b22bc9 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself Remote Code Execution					2.4	M	49	ZeroCERT

11868	2021-08-29 12:52	lv.exe e4dec87fb47a92ce0c13ab8497efcd6e Emotet Gen1 Gen2 Generic Malware Malicious Library UPX Anti_VM Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Hijack Network Internet API FTP ScreenShot Http API Steal credential Downloader P2 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows		1			6.4	M	32	ZeroCERT

11869	2021-08-30 09:46	inst1.exe c06d807e7287add5d460530e3d87648c Gen2 Malicious Library PE File OS Processor Check PE32 VirusTotal Malware unpack itself					2.0		32	ZeroCERT

11870	2021-08-30 10:01	bd.exe e4c49f9d53f701a8e2edecc9dd8a5057 Generic Malware AntiDebug AntiVM PE File PE32 DLL Browser Info Stealer Malware download VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder WriteConsoleW anti-virtualization installed browsers check Stealer Windows Browser Email ComputerName DNS	2 Keyword trend analysis	1	4	1	11.0	M	44	r0d

11871	2021-08-30 10:03	good.exe 072769a3e8b70e0f24b31278c5f4c897 Generic Malware AntiDebug AntiVM PE File PE32 DLL Browser Info Stealer Malware download VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder WriteConsoleW anti-virtualization installed browsers check Stealer Windows Browser Email ComputerName DNS	2 Keyword trend analysis	1	4	1	10.8	M	36	r0d

11872	2021-08-30 10:07	vbc.exe 73db2b58503ec0b2b56c4f9fdff3fe40 Schwerer UPX PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Tofsee		2	2		2.8	M	40	r0d

11873	2021-08-30 19:00	nbfile.exe 4028f8bc868998d649445bd063fa108b Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself					2.0		31	ZeroCERT

11874	2021-08-30 19:00	Setup2.exe 308da60a9996a07824a1a1ce3a994d05 Gen2 Gen1 Emotet UPX Malicious Library Malicious Packer ASPack PE File PE32 OS Processor Check PE64 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself AntiVM_Disk VM Disk Size Check human activity check installed browsers check Tofsee Interception Browser ComputerName DNS crashed	2 Keyword trend analysis	3	1		8.2	M	46	ZeroCERT

11875	2021-08-30 19:04	sefile3.exe 1502392e9d53e9df5cb15fb75e6743e5 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself					1.8	M	25	ZeroCERT

11876	2021-08-30 19:07	AXC.exe 0cb653b63f1f96cc5b362096cede91e4 UPX PE File PE32 Malware download VirusTotal Malware AutoRuns Malicious Traffic Check memory RWX flags setting unpack itself suspicious process anti-virtualization Windows DNS keylogger		3	1		9.6	M	20	ZeroCERT

11877	2021-08-30 19:07	ddd.exe 0a3195ee252660ba250ab099d44b31cb RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces suspicious TLD Tofsee Windows DNS Cryptographic key	2 Keyword trend analysis	5	1		10.6	M	22	ZeroCERT

11878	2021-08-30 19:09	obinnazx.exe ab84fb50d7c60cd2109c8cc71b5f6738 PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key	2 Keyword trend analysis	4	1		8.8		23	ZeroCERT

11879	2021-08-30 21:14	sefile2.exe ad89701003aac4cb9faf20e58471cd37 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself					1.8	M	26	ZeroCERT

11880	2021-08-30 21:14	kdotzx.exe b4c91c4871bca504fbe96fbbdb741b26 PWS .NET framework Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key					4.8	M	23	ZeroCERT