Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13171	2023-05-17 09:22	AtomLdr.dll 513eecac1e602be2a404f1d70719dffb DLL PE64 PE File VirusTotal Malware Checks debugger unpack itself				1.6		17	ZeroCERT

13172	2023-05-17 09:17	clip64.dll fb32ce419c5bea931a9e3c4ad70dec00 UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Checks debugger unpack itself DNS				3.6	M	54	ZeroCERT

13173	2023-05-17 09:17	Kexvdkz.js 00e1e1bdc90fa90a8cf9524f06ebbbd7 Generic Malware Admin Tool (Sysinternals etc ...) Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis			6.2			ZeroCERT

13174	2023-05-17 09:17	Lozrnlwd.js 9fc5685eb5f6fcf8dd0cf7d998a86d32 Generic Malware Antivirus Hide_URL AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key	1 Keyword trend analysis			6.2			ZeroCERT

13175	2023-05-17 09:15	run.exe 5e7b16cbe19f279b1f336a0db3d5f0d3 AntiDebug AntiVM MSOffice File Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		5	2	6.0	M		ZeroCERT

13176	2023-05-17 09:14	vbc.exe bc8dfcb4093f0bb356e3103af15f3d1b Raccoon Stealer Generic Malware UPX PWS[m] ScreenShot AntiDebug AntiVM PE File PE32 VirusTotal Malware Buffer PE Code Injection buffers extracted RWX flags setting unpack itself malicious URLs Windows Remote Code Execution crashed				8.0	M	45	ZeroCERT

13177	2023-05-17 09:11	new123.exe 811e93471760add998aa98ad4bd328da Generic Malware UPX Malicious Library AntiDebug AntiVM PE64 PE File DLL VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Advertising DNS Cryptographic key crashed				10.2	M	22	ZeroCERT

13178	2023-05-17 09:09	build_230513_103126.exe 3a90a970a0965041a25f6c996c142011 AntiDebug AntiVM MSOffice File Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		5	2	6.0	M		ZeroCERT

13179	2023-05-17 09:06	blessedzx.exe 0b94975f5dde6feab979853991933616 PWS .NET framework Anti_VM .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself				2.0		14	ZeroCERT

13180	2023-05-17 09:04	exodus.exe b9352f9dcaba6a6ebeed5c756dfe5e74 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.4		36	ZeroCERT

13181	2023-05-17 09:04	cred64.dll a995fde990914d0ae4278af25213cac0 Ave Maria WARZONE RAT UPX Malicious Library OS Processor Check DLL PE64 PE File VirusTotal Malware PDB Checks debugger unpack itself installed browsers check Browser ComputerName crashed				2.6		36	ZeroCERT

13182	2023-05-17 09:04	jenns.exe d35fc5185c8a58731cc0b8c4371e6c9c NSIS UPX Malicious Library PE File PE32 DLL FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder suspicious TLD DNS	13 Keyword trend analysis Info http://www.ascents.info/hk38/ http://www.1waif.top/hk38/?YmI=zzkZuzLAoma85XiX7lxIbQG/EJHsOO2+Q6oiR8OLkS/KwAhRwr9lPadDsgBC/R6Ehz+P4CWVVfJwNXurykV5FbLn1BWKF7Aw1kgOiys=&vVMKMC=JtlMqX9aXUH6E http://www.lgys174.top/hk38/ http://www.cryptohere.net/hk38/?YmI=ueolYRFMqDgL2w2WSyY2ND5otMaXj9PSMr4D1l6DUAw2kT04GXN59A0oGKPjQT9+3NvvA9XVQSpCofUlgfc89cVHCNXt6Tw+bOwl+vU=&vVMKMC=JtlMqX9aXUH6E http://www.nescotopp.shop/hk38/ http://www.ascents.info/hk38/?YmI=KrPc6+l/LbhA4QqNRpcmhen1wfbyqFB9qWau7oi8GuhJrnImuTvqwBhjinANrYUid0CBNXiHItrEvn/DOgRkhYxcfTTricRTxtRtwg8=&vVMKMC=JtlMqX9aXUH6E http://www.sqlite.org/2020/sqlite-dll-win32-x86-3330000.zip http://www.memshaconsultancy.com/hk38/?YmI=ylcRdOeQ8XQ4MBe6+o+woVrTwHnafctqX6zKfONVwMcCeye0booFMTvbXdYSGzr1oUKVttZ5cokf78mxnXYdaQyvIAyyJB6YSbiDTd4=&vVMKMC=JtlMqX9aXUH6E http://www.lgys174.top/hk38/?YmI=C7+QLmlVH+QiRxI6PBDl5AOYi+WV4kkm2HpNG2cJ9XVlHr0M8Q0IkKn366y7kv3boAdk3F4dVuwUlUtIJQk6NWa3tLVuPdH+n5rm7/w=&vVMKMC=JtlMqX9aXUH6E http://www.cryptohere.net/hk38/ http://www.1waif.top/hk38/ http://www.nescotopp.shop/hk38/?YmI=DrtU8bnbnXpbNShePnwsRj13bS+UCxOuZvzH6bEjmv010pTnm4zit6bh6EVUeYhYrTCAEppr9rHC6Bu3VgZaW+HjzX/PpsxeO8UHktE=&vVMKMC=JtlMqX9aXUH6E http://www.memshaconsultancy.com/hk38/	18 Info www.nescotopp.shop(84.32.84.32) www.cryptohere.net(104.21.33.161) www.ascents.info(162.0.225.178) www.1waif.top(23.234.28.124) www.lgys174.top(107.148.25.134) www.shpmig.xyz() www.estherxpena.com() www.maniapetlovers.online() www.879-21.review(38.177.159.165) www.memshaconsultancy.com(149.255.62.50) 84.32.84.32 - mailcious 107.148.25.134 23.234.28.124 38.177.159.165 149.255.62.50 45.33.6.223 172.67.164.202 162.0.225.178	5	6.8		43	ZeroCERT

13183	2023-05-17 09:02	vbc.exe df8ab976221bbbd5d47dccd29ce378d3 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				2.4		45	ZeroCERT

13184	2023-05-17 07:13	MavrodiBlack.exe 22b25918bfdd12b1b6646cf6cdf1e867 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself crashed				2.2		47	ZeroCERT

13185	2023-05-17 07:12	version32.exe 9889b03f358c1e2a2635ae17eb4bf489 Anti_VM PE64 PE File VirusTotal Cryptocurrency Miner Malware unpack itself DNS CoinMiner		2	1	2.0		43	ZeroCERT