popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
12586 2021-09-20 09:45 Mortician.exe  

2744d06ccec54b48efc46c31a4260dbe


RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key 		1 9.2 M 45 ZeroCERT

12587 2021-09-20 09:45 76.exe  

cbf7ac18207051de82560b4621f7905f


Emotet RAT Gen1 UPX Malicious Library PE File PE32 PE64 DLL OS Processor Check Malware download VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder crashed 		1 2 1 3.8 M 5 ZeroCERT

12588 2021-09-20 09:47 Updbdate.exe  

7adeb7b9a3dbc0de7fdb92c72bdb0745


Malicious Library PE File PE32 PDB unpack itself 		1.0 M ZeroCERT

12589 2021-09-20 09:50 14.exe  

25b544886f92efc35d16afae0ccbe885


Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself 		2.4 M 37 ZeroCERT

12590 2021-09-20 09:53 askinstall5.exe  

61e0ed3cd468c91cd0641939a519c720


Gen2 Trojan_PWS_Stealer Emotet RAT NPKI Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie Admin Tool (Sysinternals etc ...) Anti_VM ASPack UPX Antivirus PE File OS Processor Check PE32 ELF PNG Format PE64 DLL MSOffice Browser Info Stealer Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Ransomware Windows Exploit Browser ComputerName Remote Code Execution crashed 		4 8 1 2 10.6 M ZeroCERT

12591 2021-09-20 09:58 bypass.txt.ps1  

beb711d4f12cbe69eab1fdf6757374a0


Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key 		1.6 13 ZeroCERT

12592 2021-09-20 09:58 njbypass.txt.ps1  

719f2de7ca5a43ef68f0edbbd432aa51


Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key 		1.4 M 5 ZeroCERT

12593 2021-09-20 10:10 Stub1.exe  

81b5f1e1a01a892296aab30a2e83cf2f


RAT PWS .NET framework Gen2 Generic Malware Anti_VM Malicious Packer Malicious Library PE64 PE File OS Processor Check .NET EXE DLL VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName DNS 		4 4 2 4 8.2 M 22 ZeroCERT

12594 2021-09-20 10:16 PhoenixMiner.exe  

33b49643272dc9044096dc01c71213b6


Generic Malware Malicious Packer UPX Malicious Library PE64 PE File OS Processor Check MSOffice File VirusTotal Malware 		1.6 35 ZeroCERT

12595 2021-09-20 10:16 40.exe  

904b66229f5d7a3f7e55099b973416b6


Malicious Library UPX Admin Tool (Sysinternals etc ...) DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P persistence AntiDebug AntiVM PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger WMI unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS 		1 7.0 27 ZeroCERT

12596 2021-09-20 10:19 VideoRecoderDriveMaster.exe  

89059c81d1e7400ddfb518e9c7fa026b


Themida Packer Malicious Packer PE64 PE File VirusTotal Malware Windows crashed 		2.2 28 ZeroCERT

12597 2021-09-20 20:36 1ade2bf9e1a716a8135883046afa00...  

1734f4013eebe0f6390d89a202af8942


Gen2 MSOffice File VirusTotal Malware 		0.8 24 guest

12598 2021-09-20 21:02 0bd168703d2bb6a6d5fffe115c4834...  

3eb2ea9527590196759a92fdd24eaf8b


Gen2 Emotet Gen1 Generic Malware Malicious Packer Malicious Library MSOffice File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Tofsee ComputerName DNS DDNS 		3 2 2.8 18 guest

12599 2021-09-20 21:04 1ade2bf9e1a716a8135883046afa00...  

1734f4013eebe0f6390d89a202af8942


Gen2 MSOffice File VirusTotal Malware 		0.8 24 guest

12600 2021-09-21 17:52 428558fcf4133715cf08d2fdf904b3...  

4849ab316b3dcde68a2a23c22dee2d98


Malicious Library PE File PE32 VirusTotal Malware Checks debugger RWX flags setting unpack itself suspicious process ComputerName crashed 		4.2 M 59 pavan85

keyword