Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
13726	2021-10-19 09:25	PTL_100258541102.exe 737732b33bdfa729010c81fba507c59e RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee ComputerName	1 Keyword trend analysis	4	1		3.0		20	ZeroCERT

13727	2021-10-19 09:26	vbc.exe e8545399823b411ea6cb927e80aded0f RAT PWS .NET framework Generic Malware task schedule AntiDebug AntiVM PE File PE32 .NET EXE Dridex TrickBot VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process malicious URLs Tofsee Kovter Windows DNS Cryptographic key	1 Keyword trend analysis	6	2		13.8		17	ZeroCERT

13728	2021-10-19 09:27	vbc.exe b59b1a9c76a4db8f4df286a20f0735bc Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself DNS		1			2.4		24	ZeroCERT

13729	2021-10-19 09:28	askinstall24.exe edd9798569447f5264a467bc71e42964 Gen2 Trojan_PWS_Stealer Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie UPX PE File OS Processor Check PE32 PNG Format Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic exploit crash unpack itself Windows utilities suspicious process suspicious TLD WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution DNS crashed	4 Keyword trend analysis	8	3	3	10.6	M	46	ZeroCERT

13730	2021-10-19 09:30	vbc.exe 880f777281c6d20ac36dcf540d10df1b RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself ComputerName					2.2		21	ZeroCERT

13731	2021-10-19 09:31	WERTYU345678ertyuiSDF34.exe 70cb56c6c5c12806d8ab9ec9cb9f9721 Gen2 Gen1 Generic Malware Malicious Library UPX DNS AntiDebug AntiVM PE File OS Processor Check PE32 VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process sandbox evasion WriteConsoleW human activity check Windows ComputerName Remote Code Execution DNS DDNS crashed		2	1		17.0		36	ZeroCERT

13732	2021-10-19 09:33	102.exe 34ff816c9decd4151520a12452cde537 RAT PWS .NET framework Generic Malware ASPack Malicious Packer Malicious Library UPX Antivirus AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Tor ComputerName Cryptographic key crashed	2 Keyword trend analysis	3	1		16.4	M	22	ZeroCERT

13733	2021-10-19 09:34	125.exe ea9748d43fde0c8942c9f7e47c8cfa37 RAT PWS .NET framework Generic Malware Antivirus ASPack Malicious Packer Malicious Library UPX AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote AppData folder WriteConsoleW Tofsee Windows ComputerName Cryptographic key	4 Keyword trend analysis Info https://cdn.discordapp.com/attachments/893177342426509335/899579986283986974/61AD9E94.jpg https://cdn.discordapp.com/attachments/893177342426509335/899579983847096320/8F5AF8B4.jpg https://cdn.discordapp.com/attachments/893177342426509335/899579981057916928/D0541226.jpg https://cdn.discordapp.com/attachments/893177342426509335/899579987907186728/7377E0AD.jpg	2	1		5.2	M	23	ZeroCERT

13734	2021-10-19 09:35	askinstall25.exe c048209154042d9ff5514cfd008df4bd Gen2 Trojan_PWS_Stealer Credential User Data Generic Malware Malicious Packer Malicious Library SQLite Cookie UPX PE File OS Processor Check PE32 PNG Format Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution DNS crashed	4 Keyword trend analysis	8	3	3	9.8	M	47	ZeroCERT

13735	2021-10-19 09:36	nett.exe 400fba5ba55de726ed484ba680e74500 Gen2 Generic Malware Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB ICMP traffic unpack itself sandbox evasion Browser DNS crashed		1			6.2	M	10	ZeroCERT

13736	2021-10-19 09:37	vbc.exe 9fd8919e62792e6d93995b5f7abda850 RAT PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	2	1		10.4	M	27	ZeroCERT

13737	2021-10-19 09:37	60852000010.exe a37e7dab62e1bc27058e90fa26bd5e60 RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee ComputerName DNS	1 Keyword trend analysis	5	1		4.6	M	23	ZeroCERT

13738	2021-10-19 09:38	605300013806.exe 41347ab5d177516699a95664c9af347f RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee ComputerName	1 Keyword trend analysis	4	1		3.0	M	20	ZeroCERT

13739	2021-10-19 09:40	new.exe 217406c42eee7058fa7de49d0224cefc Lazarus Family Themida Packer Malicious Library UPX PE File PE32 .NET EXE Browser Info Stealer VirusTotal Malware Malicious Traffic Check memory Checks debugger WMI unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces suspicious TLD VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key crashed	2 Keyword trend analysis	5	1		11.0	M	24	ZeroCERT

13740	2021-10-19 09:41	097001357520.exe dbc86fb7bb8ff78aa755b835af1cea43 RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee ComputerName	1 Keyword trend analysis	4	1		3.0	M	26	ZeroCERT