Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
12841	2021-09-27 14:51	Afghanistan-is-rich-in-mineral... ebfa7b412fe87af4bf586472f6f274c5 Word 2007 file format(docx) VirusTotal Malware MachineGuid Check memory RWX flags setting unpack itself suspicious TLD Tofsee GameoverP2P Zeus ComputerName Trojan Banking DNS		2	4		10.0		8	ZeroCERT

12842	2021-09-27 14:57	37.exe 169329903451896cb2a93fe28a2730f5 Themida Packer Anti_VM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	1		11.6	M	42	ZeroCERT

12843	2021-09-27 14:58	dascHost.exe 863c021ab6d46dcc5f5b8a2cdab814fd RAT Generic Malware Antivirus Malicious Packer PE64 PE File VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key					7.6	M	27	ZeroCERT

12844	2021-09-27 14:59	Soft_win64_ue500.exe 3cb723cd64267d73d1c08867d4ea9909 Malicious Library PE File PE32 VirusTotal Malware PDB unpack itself					2.4	M	32	ZeroCERT

12845	2021-09-27 15:02	34.exe 34b0ea9b7c806ff84cdbec1148f2fdb1 Malicious Library PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution					2.8	M	49	ZeroCERT

12846	2021-09-28 10:11	projecta.exe 354b2d0793453d6be6e92cb740f170e4 RAT Generic Malware PE File .NET EXE PE32 VirusTotal Malware AutoRuns PDB Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows ComputerName	2 Keyword trend analysis	4	1		4.4		35	ZeroCERT

12847	2021-09-28 10:13	Thronging.exe 2c18994aa3fa5b1b704e2a5cb73e927b RAT Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	1		13.0		28	ZeroCERT

12848	2021-09-28 10:15	mbn.exe 62aea7cf9106953cbfac5be96c2e8afc NSIS Malicious Library PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					9.2		20	ZeroCERT

12849	2021-09-28 13:47	rundll32.exe 50568fb6133ee4ed721ee46a3c0a9e98 PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	2 Keyword trend analysis	4	1		7.8	M	19	ZeroCERT

12850	2021-09-28 13:47	sam.exe 5dc04aa798a94f36b81258c9e733fa86 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed					11.2	M	29	ZeroCERT

12851	2021-09-28 13:50	vbc.exe 0eca879131a7b104418b085db7f761c3 RAT PWS .NET framework Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself					5.2	M	32	ZeroCERT

12852	2021-09-28 13:50	vbc.exe ee08c2b0eb157fba44b97e80d69d498b RAT PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	1	12.2	M	32	ZeroCERT

12853	2021-09-28 13:51	okb.exe 1e1cc2d9f587b02406181f6578322a20 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed					10.8	M	39	ZeroCERT

12854	2021-09-28 13:52	vals.exe 2bdad3a733da88708d81f34aa5702776 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					12.6	M	44	ZeroCERT

12855	2021-09-28 13:54	bd.exe 101522d95b6ed75ff5a2a67fcd0672c9 NSIS Malicious Library PE File PE32 DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					9.4	M	35	ZeroCERT