Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
13921	2023-04-12 09:14	kXFpZBb.exe 46fabd3f430861f683716bc8857de68d Emotet Hide_EXE Generic Malware UPX Malicious Library Antivirus PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution Cryptographic key				6.4	M	45	ZeroCERT

13922	2023-04-12 03:56	NMemo1Setp.exe f12aa4983f77ed85b3a618f7656807c2 Confuser .NET .NET EXE PE32 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Ransomware DNS		3	3	3.8	M	59	guest

13923	2023-04-11 17:52	xt64.exe 2de83135f9c732a1563ba36d73444109 PE64 PE File VirusTotal Malware crashed				1.8	M	33	ZeroCERT

13924	2023-04-11 17:52	windows.exe ebc9000c9233ce8d2f0ec1d81ea6dfd5 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware Checks debugger unpack itself				2.0	M	33	ZeroCERT

13925	2023-04-11 17:20	main.6d2031af.js bb3dcb1e3e853f373a62c76be8885c5f crashed				0.2			BRY

13926	2023-04-11 16:55	Patch.exe 48c2f2d2f74f052c77a7c1694c5cf7e4 UPX ASProtect PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself Remote Code Execution				2.4		12	guest

13927	2023-04-11 15:43	AL.pdf 2a8d2f23d6dfda4df874b409d503ce39 PDF Suspicious Link PDF AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Tofsee Windows	4 Keyword trend analysis Info http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/cxpsjblnoxgjoqggdsbvujtof4_58/khaoiebndkojlmppeemjhbpbandiljpe_58_win_advr4ucepztwtigvw3fduftsvbeq.crx3 http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/jewvegtcs2qdew3nlzz4kvsjqm_9.44.0/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.44.0_all_pywouuhjzu3khiqqvvfs2jt53q.crx3 http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/g6v7tvx6ixuzstk5etcqebphhq_7954/hfnkpimlhhgieaddgfemjhofmfblmnib_7954_all_adj2i674lrtcwrqqfhv37vujcaya.crx3 https://zacuta.com/eupa/eupa.php	19 Info edgedl.me.gvt1.com(34.104.35.123) www.google.com(142.250.206.228) www.gstatic.com(142.250.206.227) fonts.googleapis.com(142.250.207.106) accounts.google.com(142.250.206.205) _googlecast._tcp.local() apis.google.com(172.217.161.238) fonts.gstatic.com(142.250.207.99) zacuta.com(162.0.217.30) - mailcious clientservices.googleapis.com(142.250.207.99) 142.250.207.67 142.251.220.99 172.217.27.13 162.0.217.30 - mailcious 34.104.35.123 172.217.24.74 172.217.24.100 172.217.25.3 142.250.66.78	2	3.6		7	ZeroCERT

13928	2023-04-11 15:38	AL.pdf 2a8d2f23d6dfda4df874b409d503ce39 PDF Suspicious Link PDF VirusTotal Malware				0.4		7	ZeroCERT

13929	2023-04-11 15:26	ap3b.exe 2f2354202272c2848ca7c2ac18794703 Generic Malware UPX Malicious Library Antivirus OS Processor Check PE64 PE File VirusTotal Malware suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key				4.4	M	45	ZeroCERT

13930	2023-04-11 15:24	123.exe 58ad2aa0207ba9e35d89bb043bee822f Generic Malware AntiDebug AntiVM PE64 PE File DLL VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Advertising Cryptographic key				8.6	M	22	ZeroCERT

13931	2023-04-11 15:13	02d856a1.exe a0e0f78ec3cb72fb11441a32c0c2ea1b UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself				1.8		27	ZeroCERT

13932	2023-04-11 10:55	iusb3mon.exe a05454a2ca6a6aa30e912a9ce1651151 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB Check memory crashed				2.0		35	r0d

13933	2023-04-11 10:55	WhaleSetup.exe 1e3722886b68cb4e706bd60e2cc257bd UPX Malicious Library ScreenShot AntiDebug AntiVM OS Processor Check PE32 PE File PNG Format PDB Code Injection Check memory Creates executable files RWX flags setting unpack itself AppData folder Interception Remote Code Execution				5.0			ZeroCERT

13934	2023-04-11 09:44	Stealer.exe efe82015c08d9d2b932bd105eacbf6c2 PWS .NET framework RAT .NET EXE PE32 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself ComputerName				2.4		54	ZeroCERT

13935	2023-04-11 09:43	asdsada.exe cbbdef6c4d82eb4ff01ed43f1e641907 UPX Malicious Library OS Processor Check PE32 PE File PDB				0.2			ZeroCERT