Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
12301	2021-09-11 15:07	Spoofer-full.exe d8a7c6cb35fc41a9e28ba712edec1fa1 PE64 PE File OS Processor Check VirusTotal Malware PDB				0.8		15	ZeroCERT

12302	2021-09-11 15:09	r33.exe b53466259125d66deb6ef9d787fa1b13 Worm Phorpiex Malicious Packer Malicious Library PE File PE32 VirusTotal Malware AutoRuns Malicious Traffic Checks debugger Creates executable files ICMP traffic Disables Windows Security AppData folder Windows DNS	1 Keyword trend analysis	36 Info api.wipmania.com(127.0.0.1) www.update.microsoft.com(52.137.90.34) 39.45.148.120 89.236.216.4 62.209.132.199 109.110.169.72 2.135.238.38 5.236.196.254 87.202.76.185 185.215.113.66 - malware 91.98.216.220 213.230.73.39 39.60.41.243 42.248.182.132 185.215.113.84 - malware 80.80.223.226 109.74.46.59 217.219.230.200 195.181.24.186 52.185.71.28 42.248.182.220 109.200.175.189 188.158.96.194 93.117.42.214 128.65.179.120 42.248.183.170 5.227.212.94 154.41.3.119 91.92.189.39 78.38.107.89 42.248.183.34 109.238.179.30 45.157.102.112 5.232.240.174 176.210.80.7 151.232.108.62	4	9.8	M	41	ZeroCERT

12303	2021-09-11 15:09	ofmq.jpg 81cdd35dfa04211fff21789707fcf7a9 VirusTotal Malware				0.6		14	ZeroCERT

12304	2021-09-11 15:12	clip.exe 55f7df48adecada9346b12f5cd4d685a Darkside Ransomware Cobalt Strike Admin Tool (Sysinternals etc ...) Malicious Library PE File OS Processor Check PE32 PDB unpack itself				1.0	M		ZeroCERT

12305	2021-09-11 15:14	e9374bbefcce30c811d2f0091f1886... e9374bbefcce30c811d2f0091f1886c3 Darkside Ransomware Cobalt Strike Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself				1.8	M	26	ZeroCERT

12306	2021-09-11 15:16	Spoofer-full.exe d8a7c6cb35fc41a9e28ba712edec1fa1 Generic Malware PE64 PE File OS Processor Check VirusTotal Malware PDB				0.8	M	15	r0d

12307	2021-09-11 15:16	Revue.exe 13306437e7533e06a5c3f6de6d62c8f9 RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	1	12.2	M	37	ZeroCERT

12308	2021-09-11 15:18	aridonoriginlogger.exe c299b411c8a7c8678fe4e6a0eb2b0222 AgentTesla(IN) Generic Malware Malicious Packer UPX Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself				2.4	M	56	ZeroCERT

12309	2021-09-11 15:20	pr.exe 400c88f0603d79c08a3afda851994a52 Worm Phorpiex Malicious Library PE File PE32 VirusTotal Malware AutoRuns PDB Windows				3.0	M	31	ZeroCERT

12310	2021-09-11 15:25	0e37a5d6-aced-448b-bdf6-8beb4f... 399fba6dea170d6d2afdf299739238c7 RAT PWS .NET framework Generic Malware PE File OS Processor Check .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1		7.8	M	45	ZeroCERT

12311	2021-09-11 15:25	c0dda7a83d4cc964b37957b563b1b6... fa3bea9c92a88ee35e69036fd79c9169 Gen1 Gen2 Malicious Library Malicious Packer ASPack UPX PE File OS Processor Check PE32 DLL VirusTotal Email Client Info Stealer Malware MachineGuid Malicious Traffic Check memory buffers extracted Creates executable files Windows utilities Collect installed applications suspicious process AppData folder installed browsers check Tofsee Ransomware Windows Browser Email ComputerName DNS	4 Keyword trend analysis	3	4	8.2	M	35	ZeroCERT

12312	2021-09-11 15:27	lipster.exe 66a35e61e92a2c57a4c872f7d178df50 Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself				1.8	M	28	ZeroCERT

12313	2021-09-11 15:29	Dssdsdaw37k41y.exe 1091e6c1f4527d8a034e37aa1e087b31 Darkside Ransomware Cobalt Strike Admin Tool (Sysinternals etc ...) Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself				2.0	M	30	ZeroCERT

12314	2021-09-12 14:45	PAYMENT.exe aae9e03dc710a18538480966fd86b719 PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) PE File .NET EXE PE32 VirusTotal Malware Check memory Checks debugger unpack itself				2.0	M	44	ZeroCERT

12315	2021-09-12 14:47	6_cmi2migxml.dll.dll 95f58081bf238bb8fe32127e84c9eff6 Malicious Library PE File DLL PE32 VirusTotal Malware unpack itself Windows crashed				2.4	M	24	ZeroCERT