Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13591	2021-10-14 17:33	SI-3023-9552783693PDF.jar 2922d30afb359edde8083596e20601dc Generic Malware Malicious Packer Malicious Library MSOffice File OS Processor Check VirusTotal Malware unpack itself Windows utilities Windows					1.8	M	7	ZeroCERT

13592	2021-10-14 17:35	farm_money.exe fa409741e16094bb8bc373d7b46742cd Malicious Packer Malicious Library PE64 PE File VirusTotal Malware Code Injection buffers extracted					3.2	M	40	ZeroCERT

13593	2021-10-14 18:00	sold.exe 3c46298cfa8e5755a58aee34d65cb397 CoinMiner PE64 PE File VirusTotal Malware					1.6	M	41	r0d

13594	2021-10-14 18:03	SI-3023-9552783693PDF.jar 2922d30afb359edde8083596e20601dc NPKI Generic Malware Malicious Packer Malicious Library UPX MSOffice File OS Processor Check PE File PE32 DLL VirusTotal Malware AutoRuns Check memory buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder suspicious TLD WriteConsoleW Windows Java ComputerName DNS DDNS crashed	1 Keyword trend analysis	10	4		8.2	M	7	ZeroCERT

13595	2021-10-14 18:04	ETH2.exe 13003cbfb6d2adfeea85952f8172c4f7 Generic Malware PE64 PE File VirusTotal Malware					1.2	M	25	r0d

13596	2021-10-14 18:07	t1.msi 2a4e5b1d5b49fc0dd4c867c2ab6aa854 Admin Tool (Sysinternals etc ...) MSOffice File VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check ComputerName					2.4		10	ZeroCERT

13597	2021-10-14 18:08	6666.exe f8d8071d3e0163eb4e816ec49d0b2e8e NPKI Malicious Library PE64 PE File VirusTotal Malware					1.6	M	31	r0d

13598	2021-10-14 18:10	VanGoth.exe afff555062c4e6fb3a34e7c2be519fcd RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					1.8		29	ZeroCERT

13599	2021-10-14 18:10	monero-bandit.exe 342ef4f2941187bdc7f66d148be0ff75 Malicious Packer Malicious Library PE64 PE File VirusTotal Malware Code Injection buffers extracted					3.2	M	41	r0d

13600	2021-10-14 18:12	6666.exe f8d8071d3e0163eb4e816ec49d0b2e8e NPKI Malicious Library PE64 PE File VirusTotal Malware					1.6	M	31	r0d

13601	2021-10-14 18:18	VanGoth.exe afff555062c4e6fb3a34e7c2be519fcd RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					1.8		29	ZeroCERT

13602	2021-10-14 18:19	bloodteam.exe 2d82ec0905de054cd685e6a52e2d9442 Generic Malware Antivirus PE File PE32 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process suspicious TLD WriteConsoleW Tofsee Windows ComputerName Cryptographic key Downloader	2 Keyword trend analysis	3	1	2	10.0	M	38	ZeroCERT

13603	2021-10-15 08:03	bad.ps1 b1fa83e12b8185c4e3ecb3b62795daa1 Generic Malware Antivirus Check memory unpack itself					0.6			guest

13604	2021-10-15 09:12	see.exe 420dfd33b3fe55c741bbc5ddb09b3e38 PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself					5.2		21	ZeroCERT

13605	2021-10-15 09:12	110.exe d8f411a8ac121a651e56becbbc6f9722 Themida Packer Admin Tool (Sysinternals etc ...) UPX Malicious Library PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VMWare Check virtual network interfaces AntiVM_Disk VMware anti-virtualization VM Disk Size Check Windows ComputerName Firmware DNS crashed		1			9.8		30	ZeroCERT