Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13546	2021-10-14 15:40	yrbmplg.jpg 030ebed21ce55e6477e91bf28bde182d Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware Report PDB unpack itself DNS crashed		2	1		1.8	M	5	ZeroCERT

13547	2021-10-14 15:41	image.exe 6040407905ea1aa24dd58dc8befa4255 PWS .NET framework Generic Malware UPX AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself	4 Keyword trend analysis Info http://www.uniqued.net/mexq/ - rule_id: 6315 http://www.mabnapakhsh.com/mexq/ - rule_id: 6371 http://www.mabnapakhsh.com/mexq/?jBZ4=OU1GtVXDbsnAoZAJ+r3UhPtpR181l/ARJ5oFEWbh76Mk/J1Ds5ZKsjMHrQjA03ZUl7BK7iZc&1bz=WHrtChz8v - rule_id: 6371 http://www.uniqued.net/mexq/?jBZ4=/3l62yGpIujmRd23NYyOlMT7eauth93xr/VrnqvY3AX4beNsr7BJ6oW+mJu6AhSMiBiHOIq9&1bz=WHrtChz8v - rule_id: 6315	8	1	4	9.2	M	26	ZeroCERT

13548	2021-10-14 15:42	c78zdj.jpg b39e2d4ed0d4f9e27f33a431f6cf8a9b Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware PDB unpack itself DNS crashed		1			1.8	M	8	ZeroCERT

13549	2021-10-14 15:43	.lsass.exe 7f44706f1c5ed5d723262bfa03b5500e PWS .NET framework Generic Malware Admin Tool (Sysinternals etc ...) AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox suspicious process AppData folder WriteConsoleW VMware anti-virtualization Windows ComputerName Software	1 Keyword trend analysis	3	1	1	15.6	M	23	ZeroCERT

13550	2021-10-14 15:44	gauydpu.jpg 41e7a4a49e55537359d5ec27611ff476 Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware PDB unpack itself crashed					1.2	M	8	ZeroCERT

13551	2021-10-14 15:45	m2pb6t7.jpg 24ceaa006c0dce2aedb1e4af1d0ae187 Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware PDB Check memory unpack itself crashed					1.6	M	14	ZeroCERT

13552	2021-10-14 15:45	vbc.exe 3fc196a38075b3009bbb2c7991f07cd3 RAT PWS .NET framework Gen2 Emotet Gen1 Formbook CryptBot Generic Malware NSIS Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) Antivirus ASPack Anti_VM KeyLogger ScreenShot AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Browser Info Stealer VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process AppData folder installed browsers check Windows Browser					11.8		59	ZeroCERT

13553	2021-10-14 15:47	e30yx6veq.jpg d76212735a65691a2ed0d199e4e47c42 Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware PDB unpack itself crashed					1.2	M	5	ZeroCERT

13554	2021-10-14 15:47	5.189.222.161 dffb3d323708f624dc3469e99c3adcb3 AntiDebug AntiVM MSOffice File VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName					4.2	M	7	ZeroCERT

13555	2021-10-14 15:49	yqyc8tnfx.jpg f5fdbbd749a33dfb3c4acdf876251a07 Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware PDB unpack itself crashed					1.2	M	5	ZeroCERT

13556	2021-10-14 15:49	vbc.exe 25aa37e21c29b7cff02509533b585ed7 Formbook UPX PE File PE32 VirusTotal Malware Check memory RWX flags setting unpack itself Remote Code Execution					2.8	M	42	ZeroCERT

13557	2021-10-14 15:51	ConsoleApp18.exe aade455507f667318c83c42a95b3fc3c AgentTesla browser info stealer Generic Malware Google Chrome User Data Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key DDNS crashed keylogger		2	1		10.0	M	40	ZeroCERT

13558	2021-10-14 15:51	.rundll32.exe 559db8de6e321a3af47772f5d349514a PWS Loki[b] Loki.m RAT .NET framework Generic Malware DNS Socket AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software		1			13.2	M	38	ZeroCERT

13559	2021-10-14 15:53	boy.exe 9fc5e3f7bd22edf9bd8df34405f0e64e PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName DNS crashed		1			9.8	M	40	ZeroCERT

13560	2021-10-14 15:56	fqvzp6.jpg 181b9334f6c5901fdf4d111ec687900e Gen2 Gen1 Malicious Library PE File PE32 DLL VirusTotal Malware PDB unpack itself crashed					1.4	M	10	ZeroCERT