popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
12691 2021-09-23 08:49 cyto.dotm  

42d3a33135b372220211d217a62ffe95


VBA_macro Antivirus Word 2007 file format(docx) VirusTotal Malware AutoRuns Creates executable files unpack itself Windows 		2.8 15 ZeroCERT

12692 2021-09-23 08:51 vbc.exe  

c91355d03f807047498dd7ff18824f41


NSIS Malicious Library PE File PE32 DLL VirusTotal Malware Buffer PE suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AppData folder human activity check Windows ComputerName 		2 7.8 26 ZeroCERT

12693 2021-09-23 08:52 fdsf.wbk  

46502e94750a8fbfb089c90229998f3f


Lokibot RTF File doc AntiDebug AntiVM LokiBot Malware download VirusTotal Malware c&c MachineGuid Malicious Traffic Check memory exploit crash unpack itself Windows Exploit DNS crashed Downloader 		2 3 13 1 5.0 M 18 ZeroCERT

12694 2021-09-23 08:53 test.exe  

cff6445670f4e1072714bf605a89986b


RAT Generic Malware PE File .NET EXE PE32 VirusTotal Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process IP Check Tofsee Windows ComputerName DNS DDNS 		1 5 6 8.2 32 ZeroCERT

12695 2021-09-23 08:54 vbc.exe  

f7896603ae14a91903ac46e5f31b182f


Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself 		2.6 48 ZeroCERT

12696 2021-09-23 08:56 font.exe  

1a1a9b3969abcd2fccd2c6ce20be68ac


UPX Malicious Library DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE File PE32 Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName crashed 		3 6 1 11.0 M 21 ZeroCERT

12697 2021-09-23 08:56 atlaszx.exe  

88bb493f91d20d39a8bb13cb98a9a037


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed 		8.8 M 22 ZeroCERT

12698 2021-09-23 08:57 toolspab2.exe  

b17b3e448ea6c4904e9bb92ffb544d5e


Malicious Library AntiDebug AntiVM PE File OS Processor Check PE32 Malware PDB Code Injection Checks debugger buffers extracted unpack itself Remote Code Execution 		6.6 M ZeroCERT

12699 2021-09-23 08:59 ob.exe  

190cf20ace9aa9cc41db31be3405b0d8


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed 		11.0 M 36 ZeroCERT

12700 2021-09-23 09:00 mbx.exe  

cc5c9c131a1a28796e6a0ed1ef1914bd


PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed 		11.2 M 41 ZeroCERT

12701 2021-09-23 09:01 vbc.exe  

e50df54836bd38c86239e7f49917cb1c


Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution 		2.4 M 49 ZeroCERT

12702 2021-09-23 09:02 sy.exe  

0775f63b4f86792829cc25569c911e00


PWS .NET framework NPKI email stealer Generic Malware DNS Socket Escalate priviledges KeyLogger Code injection Downloader persistence AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer VirusTotal Email Client Info Stealer Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS DDNS crashed 		2 1 11.8 M 23 ZeroCERT

12703 2021-09-23 09:03 vbc.exe  

4ebffc7b677cfa458f6833bc8e0341de


Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself 		2.2 M 50 ZeroCERT

12704 2021-09-23 09:04 vbc.exe  

7d61098bd6413d9eaa84abca69c207b9


Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution DNS 		1 3.0 M 50 ZeroCERT

12705 2021-09-23 09:05 bie.exe  

19892e4eaa5acc4d15853a76566ac7c5


Generic Malware UPX Malicious Library PE File OS Processor Check PE32 PE64 DLL VirusTotal Malware AutoRuns suspicious privilege WMI Creates executable files Windows utilities WriteConsoleW Windows ComputerName Remote Code Execution 		2 7.0 M 58 ZeroCERT

keyword