No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
13111
2021-10-05 10:02
BS.exe
4589e8f916643c5d21b413d5ddaa0105
Malicious Packer
UPX
Malicious Library
PE File
PE32
VirusTotal
Malware
AutoRuns
Creates executable files
RWX flags setting
unpack itself
AppData folder
Windows
DNS
crashed
1
http://go.microsoft.com/fwlink?linkid=30219&locale=ko-KR&clientType=VISTA_GAMES&clientVersion=6.1.2
3
movie.metaservices.microsoft.com(65.55.186.113)
65.55.186.115
104.75.21.121
5.4
M
35
ZeroCERT
13112
2021-10-05 10:03
mbc.exe
0839e95c0ced1ac73cd61617bf32dcae
NSIS
Malicious Library
PE File
PE32
DLL
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
9.4
M
39
ZeroCERT
13113
2021-10-05 10:04
crown.exe
95c18a998ee6b54fae7d7fef0ccdc00d
AgentTesla(IN)
RAT
Generic Malware
Malicious Packer
UPX
Malicious Library
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
6.8
M
51
ZeroCERT
13114
2021-10-05 10:06
msoffice.exe
3629444779e7e4fb9a023cda4f1473c6
njRAT
backdoor
Generic Malware
PE File
.NET EXE
PE32
Malware download
njRAT
VirusTotal
Malware
DNS
1
165.227.31.192
1
ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
2.8
M
55
ZeroCERT
13115
2021-10-05 10:06
princehfzx.exe
4848485b65241043189c99b7790836ad
RAT
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
10.8
M
35
ZeroCERT
13116
2021-10-05 10:08
ctp2.exe
67b984f729d6f74590f00472fa67d4de
PWS
Loki[b]
Loki.m
Malicious Packer
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
MachineGuid
Check memory
installed browsers check
Browser
Email
ComputerName
DNS
Software
1
http://ctp2.xyz/w2/fre.php
2
ctp2.xyz()
165.227.31.192
6.4
M
62
ZeroCERT
13117
2021-10-05 10:08
bbd.exe
54c1a76ade1bb5415c97a6c3d6857731
NSIS
Malicious Library
PE File
PE32
DLL
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
9.2
M
22
ZeroCERT
13118
2021-10-05 10:10
test.exe
1b2016c135200cf451366c17494a3eb8
Generic Malware
Themida Packer
Malicious Packer
PE64
PE File
VirusTotal
Malware
Windows
crashed
2.2
M
20
ZeroCERT
13119
2021-10-05 11:00
doc-1270645081.xls
3de48e9975e2ad16a31b7ee7408cbc11
MSOffice File
RWX flags setting
unpack itself
suspicious process
Tofsee
3
https://7xwelfare.com/n0LsDHNqyCii/ni.html
https://razatoursandtravels.com/eVkGYa8BHO/ni.html
https://rosepetalsschool.com/Rp49rtJdgh/ni.html
4
razatoursandtravels.com(65.60.58.202)
7xwelfare.com(65.60.58.202)
rosepetalsschool.com(65.60.58.202)
65.60.58.202
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.6
guest
13120
2021-10-05 11:03
doc-127121857.xls
f219ec4170b0ca71398bf5922cc49334
MSOffice File
RWX flags setting
unpack itself
suspicious process
Tofsee
3
https://7xwelfare.com/n0LsDHNqyCii/ni.html
https://razatoursandtravels.com/eVkGYa8BHO/ni.html
https://rosepetalsschool.com/Rp49rtJdgh/ni.html
4
razatoursandtravels.com(65.60.58.202)
7xwelfare.com(65.60.58.202)
rosepetalsschool.com(65.60.58.202)
65.60.58.202
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.6
guest
13121
2021-10-05 11:05
doc-1271460016.xls
60f636f00050f303aa523c8edbe7aadf
MSOffice File
RWX flags setting
unpack itself
suspicious process
Tofsee
3
https://7xwelfare.com/n0LsDHNqyCii/ni.html
https://razatoursandtravels.com/eVkGYa8BHO/ni.html
https://rosepetalsschool.com/Rp49rtJdgh/ni.html
4
razatoursandtravels.com(65.60.58.202)
7xwelfare.com(65.60.58.202)
rosepetalsschool.com(65.60.58.202)
65.60.58.202
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
13122
2021-10-05 14:08
vbc.exe
013d4cb9c83ba31bfb0c9041f565acbb
Generic Malware
UPX
PE File
PE32
VirusTotal
Malware
Remote Code Execution
1.0
M
26
r0d
13123
2021-10-05 15:06
doc-1271460016.xls
60f636f00050f303aa523c8edbe7aadf
Downloader
MSOffice File
Check memory
unpack itself
suspicious process
Tofsee
4
razatoursandtravels.com(65.60.58.202) - mailcious
7xwelfare.com(65.60.58.202) - mailcious
rosepetalsschool.com(65.60.58.202) - mailcious
65.60.58.202 - mailcious
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.4
r0d
13124
2021-10-05 16:42
image.mp3.html
0f8e7f27b8db9e95ae4f6c28f412d847
AntiDebug
AntiVM
MSOffice File
VirusTotal
Malware
Code Injection
Creates executable files
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
4.8
3
ZeroCERT
13125
2021-10-05 16:44
BoIeto 0410.lnk.lnk
ac210a9b84df20647ba433e9a1469725
Generic Malware
Create Service
Escalate priviledges
AntiDebug
AntiVM
GIF Format
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
1
http://ec2-54-202-55-124.us-west-2.compute.amazonaws.com/xmInstall.msi
2
ec2-54-202-55-124.us-west-2.compute.amazonaws.com(54.202.55.124)
54.202.55.124
3.8
2
ZeroCERT
Total : 49,428cnts