popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
13801 2023-04-19 06:31 TransparencyTopic-2023-04-18-0...  

c9f7c97f79ddacf70c48747de0599deb


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName 		3.4 guest

13802 2023-04-19 06:31 CloudServicesTopic-2023-04-18-...  

6b2ede8ffa4abf4625b9f58b6fd1cb08


Keylogger Discord AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName 		3.4 guest

13803 2023-04-19 06:30 WiFiLQMMetrics-2023-04-17-1704...  

1661b9f129bfdd9c94bc68262e821622


AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed 		3.8 guest

13804 2023-04-18 19:01 newf.dotm  

175722ba98f8f2715841c2c22026b7c8


VBA_macro Generic Malware Antivirus ZIP Format Word 2007 file format(docx) PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut RWX flags setting exploit crash unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows Exploit ComputerName Cryptographic key crashed Downloader 		1 2 2 10.0 M 24 ZeroCERT

13805 2023-04-18 17:52 Togwcstgxg.exe  

7225b0d133ba9c857fbfb6291eab84e3


Generic Malware Downloader task schedule UPX Malicious Library Antivirus Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot persistence AntiDebug An Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process AppData folder malicious URLs installed browsers check Ransomware Windows Browser ComputerName DNS Cryptographic key 		1 1 9.4 M 50 ZeroCERT

13806 2023-04-18 17:46 hastly.exe  

4587d9fde0fc6ad5decaaf9b391ebd5b


UPX OS Processor Check PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Check memory buffers extracted unpack itself Ransomware Browser DNS Software 		2 1 4.4 M 50 ZeroCERT

13807 2023-04-18 17:42 vbc.exe  

bc22f3ae38188dd77d35e949f9558150


PWS .NET framework RAT Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed 		2 3 2 14.0 M ZeroCERT

13808 2023-04-18 17:40 Installs.exe  

4c9bc0e73872ba91b88fda7a45e5379a


PWS .NET framework RAT Malicious Library .NET EXE PE32 PE File VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut unpack itself installed browsers check Browser ComputerName crashed 		6.0 M 45 ZeroCERT

13809 2023-04-18 17:37 okes.exe  

2775771aca8f5cdb689354532eba3109


UPX MPRESS PE64 PE File VirusTotal Malware crashed 		2.0 M 41 ZeroCERT

13810 2023-04-18 17:36 Prynt_Stealer_5.6.exe  

c9b42a5736dc621a27af89075e9cd8b4


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself ComputerName 		2.8 M 53 ZeroCERT

13811 2023-04-18 17:35 virus.exe  

43967615d9e0e19bc59d32fdb5afd7e4


RedLine stealer[m] PWS .NET framework RAT Generic Malware Downloader UPX Malicious Library Antivirus Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenS Browser Info Stealer VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs installed browsers check Windows Browser ComputerName DNS Cryptographic key 		1 2 10.2 M 34 ZeroCERT

13812 2023-04-18 17:34 ark.exe  

b5bb2601161911af5e73af89d2010875


PWS .NET framework Admin Tool (Sysinternals etc ...) SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed 		1 2 1 12.0 M 25 ZeroCERT

13813 2023-04-18 13:36 locacem2.1.exe  

241b78d02640dea21e13c5bb27f3070c


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself 		12 15 2 11 5.4 M 35 ZeroCERT

13814 2023-04-18 10:49 locacem2.1.exe  

241b78d02640dea21e13c5bb27f3070c


UPX Malicious Library PE32 PE File VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself 		3.2 M 35 r0d

13815 2023-04-18 09:54 paladin.hta  

1788bf59ef4448b60cab56c45cc7cafe


Generic Malware Antivirus PowerShell VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		5.6 21 ZeroCERT

keyword