Submissions

No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
13471 2023-05-06 12:07 RegSvcs.exe  

670f7f6f032284c460937ed3e8960a93


RAT Malicious Packer .NET EXE PE32 PE File AutoRuns PDB Check memory Checks debugger unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName
3.2 M ZeroCERT

13472 2023-05-06 12:05 word.exe  

92439028dde5d36916b9321eb24f6018


UPX Downloader Malicious Library OS Processor Check PE64 PE File VirusTotal Malware PDB DNS
1 1.6 24 ZeroCERT

13473 2023-05-06 12:05 RegSvcs.exe  

b90ce0d39f5d8da6f160920f5e873c36


PWS .NET framework RAT UPX Confuser .NET OS Processor Check .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 5.0 ZeroCERT

13474 2023-05-06 12:03 ostaj2.1.exe  

c544c36f9031c1c13c9444edc245f55f


NSIS UPX Malicious Library PE32 PE File DLL Malware download AveMaria NetWireRC VirusTotal Malware AutoRuns MachineGuid Check memory Creates executable files unpack itself AppData folder Windows RAT ComputerName DNS DDNS keylogger
2 4 5.4 M 41 ZeroCERT

13475 2023-05-06 12:02 Had.exe  

d1be65b8aec1db2ee0d98b686b8749fa


Malicious Library PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself DNS
1 2.8 29 ZeroCERT

13476 2023-05-06 12:01 malwr.exe  

c2db1e38863cc1bd9fefc90a7d9ae083


Generic Malware UPX Malicious Packer Malicious Library PE64 PE File VirusTotal Malware WriteConsoleW Ransomware
2.6 M 14 ZeroCERT

13477 2023-05-06 12:00 WSearch136Estcott.exe  

7fd2d4cf90f09e3c742766b2788e8a1f


RAT NSIS Generic Malware UPX Malicious Library AntiDebug AntiVM PE32 PE File PNG Format OS Processor Check DLL .NET DLL .NET EXE MSOffice File JPEG Format VirusTotal Malware AutoRuns MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Disables Windows Security Check virtual network interfaces AppData folder Tofsee Interception Windows Exploit Browser DNS Cryptographic key crashed
4 2 11.2 M 33 ZeroCERT

13478 2023-05-06 11:59 miner.exe  

c6808ca5fac7b8bc9fd63a1c381e7872


PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself
2.4 M 50 ZeroCERT

13479 2023-05-06 11:57 Mglf.js  

45eac67359c6b58b731a4680108ed5cc


Generic Malware Antivirus AntiDebug AntiVM PowerShell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key
3 5.6 ZeroCERT

13480 2023-05-06 11:57 Oype.js  

af495d9a71b634dc1ca0996153c448e1


Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key
3 5.6 ZeroCERT

13481 2023-05-06 11:56 Goncymkg.js  

65db457d6e164827bc8a1eb7d369c358


Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key
3 5.6 ZeroCERT

13482 2023-05-06 11:55 vbc.exe  

3f7fb7ea38ef370de09b4b709d07e0e8


Formbook PWS .NET framework PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself
2 4 1 8.6 42 ZeroCERT

13483 2023-05-05 08:16 Qt.js  

9e4de536baa6f12b1787e712c2f33180


Generic Malware Antivirus AntiDebug AntiVM PowerShell powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key
5.6 ZeroCERT

13484 2023-05-05 07:40 LAPTOP-VLS847B3-20230501-1200....  

7c511160abd28b9bf293c1e07079fe75


ScreenShot AntiDebug AntiVM Check memory unpack itself
1.0 guest

13485 2023-05-05 07:29 LAPTOP-VLS847B3-20230501-0400....  

987cccf64ea368264185e45ec82d77a2


ScreenShot AntiDebug AntiVM Check memory unpack itself
1.0 guest