Submissions

Columns: No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
13561 2023-05-02 07:40 Korsakoff.exe  

d03d1839ba1d7c4c5a1941d8e3fb35eb


Generic Malware UPX Antivirus Malicious Library OS Processor Check PE64 PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities Disables Windows Security suspicious process WriteConsoleW Windows ComputerName Cryptographic key
6.0 M 6 ZeroCERT

13562 2023-05-02 05:25 bryanwalling  

10b03a981cdac8bf7408667a60f5cb6f


AntiDebug AntiVM Email Client Info Stealer Code Injection Check memory Checks debugger unpack itself installed browsers check Browser Email
3.2 BRY

13563 2023-05-01 16:35 Calculator.exe  

53817d095edd0763941ea1fb8af644a1


Gen1 Emotet Gen2 Generic Malware UPX ASPack Malicious Library OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files Ransomware
2.6 M 26 ZeroCERT

13564 2023-05-01 15:42 disableclr.exe  

6f7ee6c7d8f302d4c292508696a6dedb


RAT Malicious Library PE32 PE File
0.2 guest

13565 2023-05-01 11:49 main.c47195de.css  

0adbf0b1d5e2bd19d4e94242e0840430


ScreenShot AntiDebug AntiVM Check memory unpack itself
1.0 BRY

13566 2023-05-01 07:43 PNe5J9o1XCKpHYk.exe  

40be18ff344e38f80cec056f5bd97f21


PWS .NET framework UPX Admin Tool (Sysinternals etc ...) DNS AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key
1 16.0 M 55 guest

13567 2023-04-29 23:32 JoSetp.exe  

ed59308f9e2b59ec4195a99788cee8ee


Confuser .NET .NET EXE PE32 PE File VirusTotal Malware MachineGuid Check memory Checks debugger ICMP traffic unpack itself Check virtual network interfaces Tofsee Ransomware DNS
3 3 4.4 M 57 guest

13568 2023-04-29 21:52 svchost.exe  

e6a2752e80594deabb0362f04ad28cd4


PE64 PE File VirusTotal Malware crashed
0.6 4 guest

13569 2023-04-29 14:11 Hash3_old_SC.bat  

b6e57ac15b25e719f377d730eca367e0


Downloader Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
4.0 ZeroCERT

13570 2023-04-29 14:11 Widgets.bat  

dbc8b43b6f585fb216d2fa69cafb11e3


Downloader Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
4.4 2 ZeroCERT

13571 2023-04-29 14:03 ProjectFunding_F095_Apr28.wsf  

5f22cd6c30898540df18fe6fb40a31d2


Qakbot VBScript wscript.exe payload download DNS Dropper
1 1 10.0 guest

13572 2023-04-29 14:03 ProjectFunding_F095_Apr28.wsf  

5f22cd6c30898540df18fe6fb40a31d2

VBScript wscript.exe payload download DNS Dropper
1 1 10.0 guest

13573 2023-04-29 14:02 ProjectFunding_D371_Apr28.wsf  

dd9b616637cb67d4823ca2ce569a158e

VBScript wscript.exe payload download DNS Dropper
1 1 10.0 guest

13574 2023-04-29 12:30 mmm.exe  

8018e9f1a6e6f4c6ad0475f255474d89


RAT Generic Malware UPX Antivirus OS Processor Check .NET EXE PE32 PE File VirusTotal Malware powershell Telegram AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process AntiVM_Disk VM Disk Size Check Tofsee Windows ComputerName DNS Cryptographic key keylogger
2 4 7.8 M 56 ZeroCERT

13575 2023-04-29 12:29 purplerain.dat  

64a097d23fbc66180b46bc9124518090


DLL PE32 PE File Checks debugger unpack itself DNS crashed
2.8 M ZeroCERT