popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
13066 2023-05-23 09:39 Clji.js  

c2639b1131697d67a1a76458bcfdf901


Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		1 5.6 ZeroCERT

13067 2023-05-23 09:39 Bkeeki.js  

b93770e7d4d1a2bc3d3121fc7d1ac0e4


Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		1 5.6 ZeroCERT

13068 2023-05-23 09:31 @mossad_lzt_packlab.exe  

25d97aa66e4925975190a7566b5a8dc0


RedLine stealer[m] UPX Malicious Library Malicious Packer AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications WriteConsoleW installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed 		1 10.0 33 ZeroCERT

13069 2023-05-23 09:24 pmexzx.exe  

1996e9f0e24dcdbf6b737a5714007e24


PWS .NET framework PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger 		1 2 1 12.6 M 27 ZeroCERT

13070 2023-05-23 09:22 vbc.exe  

baff53cb7c0dba9be6859bd815559bf1


PWS .NET framework Generic Malware Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed 		1 2 1 15.0 M 21 ZeroCERT

13071 2023-05-23 09:21 bld_3.exe  

e2ca6f8e77cbaa4a7adf56242880a30c


RAT Emotet PWS .NET framework Loki_b UPX Malicious Packer .NET EXE PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder IP Check Windows ComputerName DNS Cryptographic key 		16 5 5 13 7.6 M 34 ZeroCERT

13072 2023-05-23 09:20 damianozx.exe  

c0f457ec5e02531573e8ccfd106ef894


PWS .NET framework .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself 		5.0 17 ZeroCERT

13073 2023-05-23 04:29 ...............dot  

d553bd422c8d3621e21049ccc2ebe680


MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash Exploit DNS crashed 		1 3.8 M 40 guest

13074 2023-05-23 04:29 ...............dot  

d553bd422c8d3621e21049ccc2ebe680


MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware exploit crash unpack itself Exploit DNS crashed 		1 4.2 M 40 guest

13075 2023-05-22 16:34 345534534.exe  

6355c5f8f98ffd7042a07ed616a2bb34


AgentTesla browser info stealer Generic Malware Downloader UPX Malicious Library Create Service DGA Socket DNS BitCoin Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges persistence FTP KeyLogger Screen Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Collect installed applications Check virtual network interfaces malicious URLs sandbox evasion installed browsers check Ransomware Windows Exploit Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key crashed 		1 1 1 1 17.2 M 47 ZeroCERT

13076 2023-05-22 16:32 governorzx.exe  

62a46435c5e579b3f3a7d59f64317a09


PWS .NET framework KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs Tofsee Windows Discord Browser Email ComputerName DNS Cryptographic key Software crashed 		1 2 3 14.8 M 48 ZeroCERT

13077 2023-05-22 16:31 shell.exe  

604e6d6cac22bc2c954367b4a36bb195


Gen1 UPX Malicious Library ASPack Admin Tool (Sysinternals etc ...) Anti_VM OS Processor Check PE64 PE File ZIP Format DLL VirusTotal Malware Check memory Creates executable files crashed 		2.6 M 41 ZeroCERT

13078 2023-05-22 16:28 adolfzx.exe  

372daff38ea8b876b01803b474c7f687


Formbook PWS .NET framework RAT AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Windows utilities AppData folder Windows 		2 11.6 M 37 ZeroCERT

13079 2023-05-22 16:26 whiteezx.exe  

dc7614d708b3b80811a4c8dde9eb4e1c


Formbook PWS[m] AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself DNS 		3 7 1 10.2 M 46 ZeroCERT

13080 2023-05-22 16:25 vbc.exe  

f4fb22b77def98b9cc1231ab69a98f58


Formbook NSIS UPX Malicious Library PE File PE32 DLL FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder suspicious TLD ComputerName DNS 		12 15 5 11 5.6 M 53 ZeroCERT

keyword