Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
13936	2021-10-22 09:15	data.exe e82a74fe0732ee10589a80df730a19a4 Generic Malware Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				1.8	19	ZeroCERT

13937	2021-10-22 09:15	4_aepdu.dll 339008271ae6018ecaa401fb76bb1db0 Malicious Library PE File PE32 DLL VirusTotal Malware				1.0	15	ZeroCERT

13938	2021-10-22 09:15	6_System.Data.Services.Client.... c3c91aab11ef219ec03c45850a793306 Malicious Library PE File PE32 DLL VirusTotal Malware				1.0	16	ZeroCERT

13939	2021-10-22 09:16	lv.exe 7d4a4b1e6c40323bb0c3c86da4c185d5 Themida Packer PE64 PE File VirusTotal Malware Windows crashed				2.4	34	ZeroCERT

13940	2021-10-22 09:17	file.exe f2abae5000fe712654372a7adb2321f4 Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				2.2	25	ZeroCERT

13941	2021-10-22 09:20	villarzx.exe 43185ba5682dbd5b9a4aeefd052f2ba7 PWS .NET framework Generic Malware Antivirus AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	3 Keyword trend analysis Info http://www.joblessmoni.club/jy0b/?uTuD=lZAvshnAXCRo3OxS7Xd3jwzKlnlSeR6CInXa1L7eE6DvWsDLdAEUaYQrclA4HHWKQi8d0KKq&Kj6ht=ATPddxG8n2iHnzsP http://www.lamejorimagen.com/jy0b/?uTuD=qU/vGOCYU928Pg2xv/2gEaxDkyZlMKWkH/JgGYRwTmFZQ6NbLeraCuCU5YOdmxKyuue/AUGA&Kj6ht=ATPddxG8n2iHnzsP http://www.sodo6697.com/jy0b/?uTuD=rJ0/MQZ+mLsz4DE3auqvypq7j4naHIrZ9dWCM/eHg3jajSEvu+3ldVbY91DnADIKzhiuXVwF&Kj6ht=ATPddxG8n2iHnzsP	6	1	9.2	30	ZeroCERT

13942	2021-10-22 09:22	1921292380.exe 0068f1a9d11db46097fae660005c1228 RAT Generic Malware Antivirus Create Service DGA Socket Steal credential DNS Internet API Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot Http API P2P AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName DNS Cryptographic key		1		12.6	39	ZeroCERT

13943	2021-10-22 09:24	REE20212110575259OCT.lzh 5db43b8c8a1fea81c63ec85f0899d505 AntiDebug AntiVM VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName				4.4	11	ZeroCERT

13944	2021-10-22 09:26	wxm.exe f0cf1d3d9ed23166ff6c1f3deece19b4 Malicious Packer Malicious Library UPX PE64 PE File OS Processor Check VirusTotal Malware unpack itself ComputerName				2.0	53	ZeroCERT

13945	2021-10-22 09:29	7_padrs404.dll a3a5924e4c87c69d14c2502875416ba6 Malicious Library PE File PE32 DLL VirusTotal Malware				1.0	16	ZeroCERT

13946	2021-10-22 09:29	new.exe f389bcaede3b4275e90f2d9ff0e50a57 RAT PWS .NET framework Generic Malware Antivirus ASPack Malicious Packer Malicious Library UPX PE File PE32 .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW Tofsee Windows ComputerName Cryptographic key crashed	2 Keyword trend analysis	2	1	12.0	23	ZeroCERT

13947	2021-10-22 09:33	sefile3.exe 07e1bee12f4cd1c0f569a1835713c3de Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				1.8	19	ZeroCERT

13948	2021-10-22 09:33	3_mfc140chs.dll 24c59e71e91bb28defa958d0461a1e1e Malicious Library PE File PE32 DLL VirusTotal Malware DNS		1	1	3.0	16	ZeroCERT

13949	2021-10-22 09:34	DRAFTCOPY-BILL-PDF309874847.sc... 4fb831a65cce2392df4c5f792dad31e2 Gen2 Gen1 NPKI Generic Malware Malicious Library UPX Anti_VM AntiDebug AntiVM PE File OS Processor Check PE32 .NET EXE Malware download Wshrat NetWireRC VirusTotal Malware VBScript Buffer PE AutoRuns PDB Code Injection Check memory Checks debugger buffers extracted WMI wscript.exe payload download Creates executable files unpack itself AntiVM_Disk IP Check VM Disk Size Check Windows Houdini ComputerName Remote Code Execution DNS DDNS crashed Dropper	2 Keyword trend analysis	5	6	10.0	34	ZeroCERT

13950	2021-10-22 09:35	vbc.exe 8085d3d42c44622ff02fdd0b0da21aa1 Malicious Library UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself Tofsee crashed	3 Keyword trend analysis Info https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634862785&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521128%26authkey%3DAKFVLRIqw6-5mg8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634862786&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521128%26authkey%3DAKFVLRIqw6-5mg8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky https://onedrive.live.com/download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21128&authkey=AKFVLRIqw6-5mg8	4	1	3.6	26	ZeroCERT