Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13681	2023-04-24 08:52	4k4wuzs.exe 4073ba4d8574f29731ea77058377abca UPX Malicious Packer Malicious Library OS Processor Check PE32 PE File VirusTotal Malware				1.6	M	38	ZeroCERT

13682	2023-04-24 08:52	photo_320.exe 80ac68554b8fbc206b02e378609903a4 UPX Malicious Library OS Processor Check PE32 PE File PDB unpack itself Remote Code Execution				1.2			ZeroCERT

13683	2023-04-24 08:50	vbc.exe 18d9a8ecfbeb3fdebf8a83d814d37e78 Anti_VM .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName				2.2	M	50	ZeroCERT

13684	2023-04-24 08:49	Donald2.exe 56845c8f34de9ef0fd3f779f2824ddd9 RAT PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself				2.4	M	47	ZeroCERT

13685	2023-04-24 05:17	caixa.apk beb22bc3c488093dde4a9128b3f7d505 ZIP Format VirusTotal Malware				0.6	M	18	guest

13686	2023-04-22 10:40	Server.exe e90e802ff8697b809263ff71ad5e137a .NET EXE PE32 PE File Check memory Checks debugger unpack itself crashed				1.0			guest

13687	2023-04-22 10:39	Server.exe e0f1b2b1bbce9d999e19602d85a52cb7 .NET EXE PE32 PE File Check memory Checks debugger unpack itself crashed				1.0			guest

13688	2023-04-22 09:03	B.exe 665d90fc3264e6f0b3a2b2e4fc715caf UPX Malicious Packer Antivirus Malicious Library PE32 PE File OS Processor Check PE64 VirusTotal Malware AutoRuns Check memory Creates executable files unpack itself AppData folder sandbox evasion Windows Browser DNS	2 Keyword trend analysis	2	6 Info ET DNS Query to a *.top domain - Likely Hostile ET INFO Executable Download from dotted-quad Host ET POLICY Unsupported/Fake Windows NT Version 5.0 ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	7.4	M	55	ZeroCERT

13689	2023-04-22 09:02	EFG.exe 3f1e33ac807cdf6aa5d2d0df56691a03 PWS .NET framework .NET EXE PE32 PE File PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself DNS		1		5.0	M		ZeroCERT

13690	2023-04-22 09:01	networksec.exe b6c9c4471cac3642ad6c1eed4ab5aa98 PWS .NET framework Generic Malware Antivirus KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	14.6	M	33	ZeroCERT

13691	2023-04-22 09:00	vbc.exe 3ad34ce31f7e3a9a6d946d8ab7415e57 PWS .NET framework .NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself DNS		2		3.2	M	41	ZeroCERT

13692	2023-04-22 08:58	797979.dll 3c6363eaa26123a42f5051a443385d1e IcedID Gen2 UPX Malicious Library OS Processor Check DLL PE64 PE File IcedID Malware download VirusTotal Malware PDB Malicious Traffic Checks debugger RWX flags setting unpack itself Windows utilities Windows crashed	1 Keyword trend analysis	2	1	4.2	M	16	ZeroCERT

13693	2023-04-22 08:58	15.ocx f43ab10a6a9570e4bdc2fd04aa3aa7c3 VMProtect Malicious Library PE32 PE File VirusTotal Malware suspicious privilege RWX flags setting unpack itself				3.8	M	40	ZeroCERT

13694	2023-04-22 08:56	fotocr20.exe f27dfa80e0ff665db13c1ea640f6c86b Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed		1		10.4	M		ZeroCERT

13695	2023-04-22 08:56	fotocr20.exe f27dfa80e0ff665db13c1ea640f6c86b Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed		2		10.6	M		ZeroCERT