Submissions

Listing columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc.

Each submission below gives its number, date, submitted file name and file hash, the Rule column (sandbox signature tags, kept as one string because the listing does not delimit individual tags), and then the remaining columns in the order the listing prints them: any leading Urls/Hosts/IDS counts, the Score, the Zero flag where set, the VT detection count where present, and the submitting Player. The Etc column is empty for every row.

12526  2021-09-18 19:35  EU-Business-Register.pdf
  Hash:  b5e898bb90fb4838103c42958d3824dd
  Rule:  PDF VirusTotal Malware Windows utilities Windows
  Counts/Score/Zero/VT/Player:  5 1.8 1 ZeroCERT

12527  2021-09-18 19:43  diagram-303.doc
  Hash:  9848d167cd2ad39d503a07b4fbd5bc80
  Rule:  VBA_macro Generic Malware MSOffice File VirusTotal Malware RWX flags setting unpack itself
  Counts/Score/Zero/VT/Player:  2.4 23 guest

12528  2021-09-18 19:43  diagram-308.doc
  Hash:  1af9caa901bb14e513e6863e1d201f61
  Rule:  VBA_macro Generic Malware MSOffice File unpack itself
  Counts/Score/Zero/VT/Player:  1.2 guest

12529  2021-09-18 19:47  Update.exe2.rar
  Hash:  093f098e70cc57a17d02323cbe6cd484
  Rule:  Generic Malware Malicious Packer PE File PE32 VirusTotal Malware suspicious privilege unpack itself suspicious process sandbox evasion WriteConsoleW shadowcopy delete Ransom Message Ransomware Windows crashed
  Counts/Score/Zero/VT/Player:  6.6 M 41 ZeroCERT

12530  2021-09-18 19:51  asadzx.exe
  Hash:  4cf22ea879cba79ef086de06409cb254
  Rule:  PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed
  Counts/Score/Zero/VT/Player:  8.8 M 23 ZeroCERT

12531  2021-09-18 19:52  PBrowFile49.exe
  Hash:  e54f5c8fcefa6b197658e8c9055b96a7
  Rule:  RAT Generic Malware Antivirus Anti_VM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces AppData folder VMware anti-virtualization installed browsers check Tofsee Ransomware Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed
  Counts/Score/Zero/VT/Player:  11 10 1 14.2 36 ZeroCERT

12532  2021-09-18 19:52  askinstall59.exe
  Hash:  5eb27790b04148fabb21f09904a21ff1
  Rule:  Gen2 Trojan_PWS_Stealer Emotet RAT NPKI Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM ASPack UPX Antivirus PE File OS Processor Check PE32 ELF PNG Format PE64 DLL MSOffice Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed
  Counts/Score/Zero/VT/Player:  4 8 1 2 12.4 M 46 ZeroCERT

12533  2021-09-18 19:53  CurrenyCalculatorInstaller.exe
  Hash:  47a6177d085d921f354fa5081ec7fd1d
  Rule:  Themida Packer Generic Malware Malicious Library Anti_VM Antivirus DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE File P Browser Info Stealer FTP Client Info Stealer VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Checks Bios Collect installed applications Detects VMWare powershell.exe wrote Check virtual network interfaces suspicious process AppData folder VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Cryptographic key Software crashed
  Counts/Score/Zero/VT/Player:  1 5 1 14.2 27 ZeroCERT

12534  2021-09-18 19:53  bobbyzx.exe
  Hash:  0549c9978e7b208ce66191ae9618576b
  Rule:  PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed
  Counts/Score/Zero/VT/Player:  9.0 33 ZeroCERT

12535  2021-09-18 19:54  file.exe
  Hash:  c226c5dc2b63899b8851aca8c932cc80
  Rule:  Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself
  Counts/Score/Zero/VT/Player:  2.4 M 34 ZeroCERT

12536  2021-09-18 19:56  update.exe
  Hash:  c6778b548001d1226e25be15a0121432
  Rule:  RAT PWS .NET framework Generic Malware PE File .NET EXE PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check
  Counts/Score/Zero/VT/Player:  1 2 1 3.4 M 17 ZeroCERT

12537  2021-09-18 20:00  askinstall45.exe
  Hash:  da5b97bff4bdc3047c4feb274c785228
  Rule:  Gen2 Trojan_PWS_Stealer Emotet RAT NPKI Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM ASPack UPX Antivirus PE File OS Processor Check PE32 ELF PNG Format PE64 DLL MSOffice Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed
  Counts/Score/Zero/VT/Player:  4 8 1 2 12.4 M 46 ZeroCERT

12538  2021-09-18 20:00  123123.exe
  Hash:  c25eeafa69c9b7e5cda2199ab1c5ace1
  Rule:  RAT PWS .NET framework Gen2 Generic Malware Malicious Packer Malicious Library PE64 PE File OS Processor Check .NET EXE PNG Format DLL VirusTotal Malware PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName
  Counts/Score/Zero/VT/Player:  2 4 2 7.6 M 21 ZeroCERT

12539  2021-09-18 20:02  askinstall58.exe
  Hash:  75cd00f5ec5aa1120739721c6f0a1240
  Rule:  Gen2 Trojan_PWS_Stealer NPKI BitCoin Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie UPX Anti_VM DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenSh Browser Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution crashed
  Counts/Score/Zero/VT/Player:  4 8 1 2 10.6 M ZeroCERT

12540  2021-09-18 20:02  troupzx.exe
  Hash:  1c4fd4c1adfb8b5cc412128415251379
  Rule:  PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed
  Counts/Score/Zero/VT/Player:  8.8 M 25 ZeroCERT
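A listing like this is only useful to an analyst once it is machine-readable: which hashes to block, which samples carry ransomware or credential-theft behaviour, and where the sandbox score and the VT count disagree. The script below is an added example, not code from the sandbox or the listing's operator. It assumes the record layout as extracted on this page (a "No Date file name" line, a 32-hex hash line, the Rule tag string, and a trailing line of counts, score, optional "M" Zero flag, optional VT count and Player), parses a handful of the rows above into structured records, and ranks them by score with behaviour flags derived from tag phrases that appear in the listing. The triage categories and the tag-to-category mapping are the example's own choice, and the sample records are copied from the listing.

```python
"""Parse flattened sandbox submission records and triage them.

Assumed per-record layout (as the listing on this page prints it):
  line 1: "<No> <YYYY-MM-DD HH:MM> <file name>"
  line 2: 32-hex file hash
  line 3: Rule column (signature tags as one undelimited string)
  line 4: [counts...] <score> [Zero flag] [VT count] <Player>
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Records copied from the listing above (a subset of its rows).
SAMPLE = """\
12526 2021-09-18 19:35 EU-Business-Register.pdf
b5e898bb90fb4838103c42958d3824dd
PDF VirusTotal Malware Windows utilities Windows
5 1.8 1 ZeroCERT

12528 2021-09-18 19:43 diagram-308.doc
1af9caa901bb14e513e6863e1d201f61
VBA_macro Generic Malware MSOffice File unpack itself
1.2 guest

12529 2021-09-18 19:47 Update.exe2.rar
093f098e70cc57a17d02323cbe6cd484
Generic Malware Malicious Packer PE File PE32 VirusTotal Malware suspicious privilege unpack itself suspicious process sandbox evasion WriteConsoleW shadowcopy delete Ransom Message Ransomware Windows crashed
6.6 M 41 ZeroCERT

12539 2021-09-18 20:02 askinstall58.exe
75cd00f5ec5aa1120739721c6f0a1240
Gen2 Trojan_PWS_Stealer NPKI BitCoin Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie UPX Anti_VM DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenSh Browser Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution crashed
4 8 1 2 10.6 M ZeroCERT
"""

HEAD_RE = re.compile(r"(\d+) (\d{4}-\d\d-\d\d \d\d:\d\d) (.+)")
HASH_RE = re.compile(r"[0-9a-f]{32}")
SCORE_RE = re.compile(r"\d+\.\d+")   # the score is the only decimal in the tail

# Tag phrases taken from the listing, grouped into triage categories chosen
# for this example. Matched as substrings: the Rule column has no delimiters.
INDICATORS = {
    "ransomware": ("shadowcopy delete", "Ransom Message", "Ransomware"),
    "stealer": ("PWS", "Browser Info Stealer", "KeyLogger", "Credential"),
    "evasion": ("AntiVM", "Anti_VM", "Checks debugger", "sandbox evasion"),
    "macro": ("VBA_macro",),
}


@dataclass
class Submission:
    number: int
    date: str
    filename: str
    file_hash: str
    tags: str
    counts: list[int]          # leading integer columns (Urls/Hosts/IDS per the header)
    score: float
    zero_flag: str | None      # the "M" marker in the Zero column, if present
    vt_detections: int | None  # VT column, blank for some rows
    submitter: str             # Player column

    def flags(self) -> list[str]:
        return [cat for cat, needles in INDICATORS.items()
                if any(n in self.tags for n in needles)]


def parse_tail(tail: str) -> tuple[list[int], float, str | None, int | None, str]:
    """Split the trailing columns around the score, tolerating blank Zero/VT cells."""
    toks = tail.split()
    idx = next((i for i, t in enumerate(toks) if SCORE_RE.fullmatch(t)), None)
    if idx is None or idx == len(toks) - 1:
        raise ValueError(f"tail needs a score followed by a Player: {tail!r}")
    counts = [int(t) for t in toks[:idx]]
    score = float(toks[idx])
    rest = toks[idx + 1:]
    submitter = rest.pop()                       # Player is always last
    zero_flag = rest.pop(0) if rest and not rest[0].isdigit() else None
    vt = int(rest.pop(0)) if rest else None
    if rest:
        raise ValueError(f"unexpected tokens in tail: {rest}")
    return counts, score, zero_flag, vt, submitter


def parse_submissions(text: str) -> list[Submission]:
    subs = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = block.strip().splitlines()
        if len(lines) != 4:
            raise ValueError(f"malformed record: {block!r}")
        m = HEAD_RE.fullmatch(lines[0])
        if not m or not HASH_RE.fullmatch(lines[1]):
            raise ValueError(f"malformed record header: {lines[0]!r}")
        counts, score, zero, vt, who = parse_tail(lines[3])
        subs.append(Submission(int(m.group(1)), m.group(2), m.group(3), lines[1],
                               lines[2], counts, score, zero, vt, who))
    return subs


def triage(subs: list[Submission]) -> list[tuple[int, str, float, int | None, list[str]]]:
    """Highest sandbox score first, VT count and behaviour flags alongside."""
    ranked = sorted(subs, key=lambda s: (s.score, s.vt_detections or 0), reverse=True)
    return [(s.number, s.filename, s.score, s.vt_detections, s.flags()) for s in ranked]


if __name__ == "__main__":
    for row in triage(parse_submissions(SAMPLE)):
        print(row)
```

Two things the parser deliberately does not do: it does not split the Rule string into individual tags, because multi-word signature names such as "Generic Malware" or "unpack itself" are not delimited in the listing, and it does not assign the leading integers to named columns, because some rows carry four integers against three count columns in the header. Substring matching on known tag phrases is the honest way to flag behaviour from this data; a run on the full listing would show that a sample can score 10.6 with an empty VT cell, which is exactly the row an analyst should open first.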