Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13441	2023-05-08 09:39	build.exe a9625534c25a4c39665dcf449f6d5c4a Generic Malware UPX Malicious Packer Malicious Library OS Processor Check PE64 PE File VirusTotal Malware DNS crashed		1			2.0	M	42	ZeroCERT

13442	2023-05-08 09:37	j.txt.ps1 cf9de0b02897dd1a0b1c547006e70ab2 Generic Malware Antivirus powershell Check memory unpack itself powershell.exe wrote WriteConsoleW Windows Cryptographic key	1 Keyword trend analysis				2.2			ZeroCERT

13443	2023-05-08 09:37	islight2.1.exe 80aa4d31a2a0e45c6be34d1c9431aa58 Generic Malware Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	2	1		16.0	M	50	ZeroCERT

13444	2023-05-08 09:34	s.exe 737e22e4f92ee7846f37474df77e7928 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself					1.8	M	27	ZeroCERT

13445	2023-05-08 09:32	harry 422ccd40034e44004294a5d6efef2486 Generic Malware Antivirus PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Telegram PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed		5	4		15.0	M	41	ZeroCERT

13446	2023-05-08 09:32	photo_727.exe b2e88b522292ea5d250be091a726aa95 Gen1 Emotet UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer CAB PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download Amadey FTP Client Info Stealer Malware AutoRuns PDB suspicious privilege Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed	3 Keyword trend analysis	2	6 Info ET MALWARE Amadey CnC Check-In ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO Dotted Quad Host DLL Request	1	16.0	M		ZeroCERT

13447	2023-05-08 09:29	rmns.exe dc159d07b8cdde55acebc57c1ca08e45 UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check MZP Format PE32 PE File VirusTotal Malware suspicious privilege WMI unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName					4.0	M	24	ZeroCERT

13448	2023-05-08 09:29	lsass.png eb85c562249e96d7a946111241f0ea4b EnigmaProtector .NET EXE PE32 PE File VirusTotal Malware Cryptocurrency wallets Cryptocurrency AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Ransomware Windows ComputerName crashed					10.0	M	50	ZeroCERT

13449	2023-05-08 09:26	harrynewguy 336a11f0599570c025e2458715d67311 PWS .NET framework Generic Malware Antivirus PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Telegram suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	4	4		15.4	M	39	ZeroCERT

13450	2023-05-08 09:25	clip64.dll 64d71779a23591879bea49423a743dcb UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself					2.0	M	54	ZeroCERT

13451	2023-05-08 09:25	ppls25.exe 34e5f4cc8913e0ecc3b2a20ab7df5191 Gen2 Gen1 UPX Malicious Library PE64 PE File Browser Info Stealer VirusTotal Malware PDB MachineGuid buffers extracted unpack itself Check virtual network interfaces Tofsee Browser Remote Code Execution crashed	3 Keyword trend analysis	8	2		3.8	M	7	ZeroCERT

13452	2023-05-08 09:24	toolspub1.exe 89b87b961d9bbba6882c395867522639 UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File VirusTotal Malware PDB Code Injection Checks debugger buffers extracted unpack itself					7.0	M	31	ZeroCERT

13453	2023-05-08 09:24	blacknew 175bf8ff7c456cd1e057daa4a8c03483 PWS .NET framework Generic Malware Antivirus PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Telegram suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	4	4		14.6	M	41	ZeroCERT

13454	2023-05-08 09:23	setup.exe de5cb59ff519da2f1bb531d0ee62d519 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself					2.0	M	35	ZeroCERT

13455	2023-05-08 09:23	cred64.dll d90ff2bfb347d3ac1cfc1b06addd16cf Ave Maria WARZONE RAT UPX Malicious Library OS Processor Check DLL PE64 PE File VirusTotal Malware PDB Checks debugger unpack itself installed browsers check Browser ComputerName crashed					2.6	M	38	ZeroCERT