Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
12271	2021-09-10 09:19	vbc.exe 95e3b247f837a2bb940b1e2d80ce7f70 Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself					1.8	M	25	ZeroCERT

12272	2021-09-10 09:19	vbc.exe cc46159aae33c39bf63aac89db340266 RAT Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	1	12.2	M	39	ZeroCERT

12273	2021-09-10 09:21	Saturn.exe 87eea516f33319ad808777e8906fc41e UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself					2.2	M	57	ZeroCERT

12274	2021-09-10 09:21	file6.exe 202978e4843b20b61d45ba23d389ff37 Themida Packer Anti_VM Malicious Library PE File .NET EXE PE32 Browser Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key crashed	1 Keyword trend analysis	3	2		10.2	M	33	ZeroCERT

12275	2021-09-10 09:23	bin.exe bb005fca8dc49383e49fb945acec62d2 Admin Tool (Sysinternals etc ...) UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself					1.8	M	18	ZeroCERT

12276	2021-09-10 09:24	svchost.exe 63eab98c58513c72bb16222502d07f0b NPKI Process Kill UPX Malicious Library FindFirstVolume CryptGenKey Malicious Packer PE File OS Processor Check Device_File_Check PE32 PE64 VirusTotal Cryptocurrency Miner Malware Cryptocurrency suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows Tor ComputerName DNS		7	8 Info ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 390 ET TOR Known Tor Exit Node Traffic group 26 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 26 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 386 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 201 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 638 ET POLICY TLS possible TOR SSL traffic ET POLICY Cryptocurrency Miner Checkin		6.2	M	30	ZeroCERT

12277	2021-09-10 09:26	vbc.exe 9c6ece683bf50fca8e4cb1e98cca288e Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself DNS		1			2.6	M	35	ZeroCERT

12278	2021-09-10 09:26	vbc.exe cc4e312c146a18762fbdb160af306aef RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key					7.2	M	30	ZeroCERT

12279	2021-09-10 09:28	file.exe e74e8f9adb0df482c191aa372d520587 Darkside Ransomware Cobalt Strike Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself					1.8	M	28	ZeroCERT

12280	2021-09-10 09:28	Alfanewfile2.exe 9292d5a461d54bde94066b1854ce0bc4 Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution					2.0	M	23	ZeroCERT

12281	2021-09-10 09:31	vbc.exe 00ad2714d8e0969242bbeedc2ab765cb RAT PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) DNS AntiDebug AntiVM PE File .NET EXE PE32 GIF Format VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk VM Disk Size Check human activity check Tofsee Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	5	1		14.8	M	22	ZeroCERT

12282	2021-09-10 09:41	OvtUb.exe 091a569b997f6e2803119b16fe692dd1 Gen2 UPX Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself ComputerName					1.8		12	ZeroCERT

12283	2021-09-10 09:42	App description.docx 6f194654557e1b52fb0d573a5403e4b1 VirusTotal Malware RWX flags setting unpack itself	1 Keyword trend analysis	1			2.6		32	ZeroCERT

12284	2021-09-10 09:44	Documents new.xlsb e2c5c7d099745fa74d4653b6d49338d2 VirusTotal Malware Creates executable files RWX flags setting unpack itself suspicious process	1 Keyword trend analysis	1			4.0		23	ZeroCERT

12285	2021-09-10 10:27	App description.docx 6f194654557e1b52fb0d573a5403e4b1 Word 2007 file format(docx) Vulnerability VirusTotal Malware unpack itself		1			2.8		32	r0d