Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13831	2023-04-16 16:45	locacem2.1.exe 241b78d02640dea21e13c5bb27f3070c UPX Malicious Library PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself suspicious TLD DNS	23 Keyword trend analysis Info http://www.lmteixeira.com/3ri5/?43a=YbXpO8f6Hib9Uwtv2jhOLkHCom129lz3fBKRMpd17kcGvqAlIYkukRc3MFx8Aiuw1xbqToM3oeO0mAyWHflUiRAu/nqisJ8AWi/NCRA=&Qj=eQQh6IAqOmK8K9Ot http://www.socialhundutbildning.com/3ri5/?43a=6fyh8NvGOALu1WTna1arX7cRTcJCaVezDnAB3SRdKno18i/IpLBv249NcS6xMQ5eVQU4L0x/+9B8EC80MEZinUr1wfqFxLl/6VdFhjA=&Qj=eQQh6IAqOmK8K9Ot http://www.whymart.info/3ri5/?43a=gg0WwMZJut98Pb9POX8BsR2tb4GvDHep0vhbybEGdeWO1wRcOh+rgMaB6OW+qqHzEPN/5qYCuQhy7THlnR0IkhmSzx7meYhwBzxXGxM=&Qj=eQQh6IAqOmK8K9Ot http://www.sqlite.org/2020/sqlite-dll-win32-x86-3320000.zip http://www.whymart.info/3ri5/ http://www.mrhaideri.xyz/3ri5/?43a=ng33xssushYrD1E++yuAaPoLG+XNDhmHsfNoSY6i5rDaNHDjFLB2dfvqjagzPxPXUhfa4r/kwA4ozZLVzFB0529cIF0+KvuBQ8UeUmA=&Qj=eQQh6IAqOmK8K9Ot http://www.bonniebathco.com/3ri5/?43a=m+9EiGOaRuotdr7HR1ai1gdt1GNDw1TmEpGkjtFtzc/dlwOBWFwqBGIyHAmZ6oV7v4zUEyUjENgsJ6+uFn07ZXodw4yIovvs9zaIw1Y=&Qj=eQQh6IAqOmK8K9Ot http://www.mrhaideri.xyz/3ri5/ http://www.virgocxexdc.com/3ri5/?43a=81Tz90LMokPE2E9026adtJbdEbByY5oL5tPN4TGnsToE3WZdLjOYAqIqxjS3dy9MhV3MfMDc0WPgBHiEtFDot2jRkWO3LpT059HFNzU=&Qj=eQQh6IAqOmK8K9Ot http://www.wormholeent.com/3ri5/?43a=GAeB9SO66wCu7XeOxUWjwQ3IXqr33QahFXqmZDAHjMk4F3Cn5yc7ZixTmnMJeZduFMM5t3USTT/RsQKU/fMUECl8s6zVBxGU3NlUJkM=&Qj=eQQh6IAqOmK8K9Ot http://www.diet-recipes.space/3ri5/ http://www.diet-recipes.space/3ri5/?43a=gAiYCkMh9HEWUQROjfER1pbHW334jo/FPGFqjrGyk6wUoRCDq6WjnIeXUfw70Q9BS5G10IzcyYkKsl0/bGzE82/BERVh2WOkHxwWlJk=&Qj=eQQh6IAqOmK8K9Ot http://www.shiyonggang.top/3ri5/ http://www.shiyonggang.top/3ri5/?43a=CR+qAR2Q1vfUJyJc4J7PIj4RcYiJUAVrPeBIKt6kUtE7XCq/28bBU4Yyt3KFKXKu7e/ZrDzbdKRDO1+3Ne4Ag9kKO6L7ev9eJYyBirY=&Qj=eQQh6IAqOmK8K9Ot http://www.293854.com/3ri5/?43a=8VfWc3I9T0q8uLWt5vMA8t/NaJjt99H5WpUIa33bhFXaN7+r5efgDAaDSWZ+OfLFop0DNHorEURjgXjwxWmjSn88pL4ptwdkA3+hAeE=&Qj=eQQh6IAqOmK8K9Ot http://www.virgocxexdc.com/3ri5/ http://www.lanmarconcreteomaha.com/3ri5/ http://www.brownstone.marketing/3ri5/?43a=v1a+ZoEzcRh50q2tDj03ofuTuK6dEashxWLebDlTotVYA45flfV1EPZtnjLTp8wtzJObZuW2CufgECU/vSOjQIa0l3HPVQyXyXUaHkE=&Qj=eQQh6IAqOmK8K9Ot http://www.lmteixeira.com/3ri5/ http://www.293854.com/3ri5/ http://www.bonniebathco.com/3ri5/ http://www.wormholeent.com/3ri5/ http://www.brownstone.marketing/3ri5/	26 Info www.socialhundutbildning.com(85.132.152.254) www.virgocxexdc.com(64.32.2.54) www.whymart.info(162.0.228.125) www.wormholeent.com(154.92.17.251) www.293854.com(122.10.13.104) www.brownstone.marketing(208.91.197.39) www.bonniebathco.com(213.171.195.105) www.diet-recipes.space(64.190.62.22) www.mrhaideri.xyz(185.55.227.138) www.lanmarconcreteomaha.com(147.154.0.23) www.lmteixeira.com(52.219.170.80) www.shiyonggang.top(43.243.74.83) 208.91.197.39 - mailcious 122.10.13.104 85.132.152.254 52.219.47.122 154.92.17.251 162.0.228.125 64.32.2.54 45.33.6.223 192.185.235.142 - mailcious 185.55.227.138 147.154.0.23 - mailcious 43.243.74.83 213.171.195.105 - mailcious 64.190.62.22 - mailcious	5	5.6	M	44	ZeroCERT

13832	2023-04-16 16:44	ss29 1a370e0c814e4444b9f0669ef7e92e3d Gen2 Gen1 Generic Malware UPX Malicious Library Malicious Packer PE64 PE File Browser Info Stealer VirusTotal Malware PDB MachineGuid unpack itself Check virtual network interfaces Tofsee Browser Remote Code Execution crashed	4 Keyword trend analysis	6	2	2.8	M	9	ZeroCERT

13833	2023-04-16 16:42	s.exe 4bf4ff505d264aff53bc0a885a6f5c8c UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.8	M	34	ZeroCERT

13834	2023-04-16 16:40	pushmid.exe 9fede67b91a08de8cb9b0ee0cd6fed9a UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				2.0	M	50	ZeroCERT

13835	2023-04-16 16:36	vdr.exe c06097200ce77e7d68dc2ca18b183096 Themida Packer PE64 PE File VirusTotal Malware unpack itself Windows crashed				3.4	M	30	ZeroCERT

13836	2023-04-16 16:34	s2s.exe 19b50e116e3708c663672d9c6e5a02f7 Keylogger Discord UPX Malicious Library Downloader Admin Tool (Sysinternals etc ...) MZP Format OS Processor Check PE File PE32 VirusTotal Malware MachineGuid Check memory Checks debugger buffers extracted unpack itself sandbox evasion anti-virtualization Windows Remote Code Execution DNS Cryptographic key crashed		2		7.6	M	42	ZeroCERT

13837	2023-04-16 16:31	update_v103.exe e30ecf9397dd0df9222d8b3011cd9816 UPX MPRESS PE64 PE File VirusTotal Malware Remote Code Execution crashed				2.6	M	49	ZeroCERT

13838	2023-04-16 16:30	build.exe 5bc8474304e8141a5e8e503c8e59a859 Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware				1.0	M	35	ZeroCERT

13839	2023-04-16 16:28	115.exe 72f39adecf2367944add8e33bbfc5c31 RAT Generic Malware Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key		1		6.4	M	21	ZeroCERT

13840	2023-04-16 16:25	troubled_projects.exe fd72f009bcbf63c9586becb726402280 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself Remote Code Execution DNS		1		2.4	M	56	ZeroCERT

13841	2023-04-16 16:24	dcrossw.exe caea33e0d520c8a783732de2634c1017 UPX Malicious Library PE File PE32 Malware download Remcos VirusTotal Malware AutoRuns Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder WriteConsoleW Windows DNS DDNS	1 Keyword trend analysis	4	4	6.0	M	46	ZeroCERT

13842	2023-04-16 16:22	113.exe 9a75a6d3afd26306f563d96dc2517225 Gen1 Emotet PWS .NET framework RAT Malicious Library CAB PE File PE32 .NET EXE VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder AntiVM_Disk VM Disk Size Check Tofsee Windows Remote Code Execution		2	2	4.6	M	42	ZeroCERT

13843	2023-04-16 16:22	114.exe dd0379a70a71b60b3a81a91d49c88648 RedLine stealer[m] NPKI Generic Malware Themida Packer UPX Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 icon Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Checks Bios Collect installed applications Detects VirtualBox Detects VMWare Check virtual network interfaces VMware anti-virtualization installed browsers check Windows Exploit Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed		2		20.4	M	48	ZeroCERT

13844	2023-04-16 16:21	Acx_w01.exe 9b329956bf938c36fe12b1524eff3be0 Emotet Generic Malware Malicious Library Malicious Packer Antivirus PE64 PE File DLL VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Auto service powershell.exe wrote suspicious process Windows ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	1		10.8	M	29	ZeroCERT

13845	2023-04-16 16:20	build-0x739.exe 59f7602b250387b31bfc481f3efb9517 Generic Malware UPX Malicious Library Malicious Packer Antivirus OS Processor Check PE64 PE File VirusTotal Malware				1.2	M	43	ZeroCERT