popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14011 2023-04-06 08:10 Htilunw.exe  

295235562a5d804fad58078b9b014165


PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware Tofsee 		1 4 1 1.2 9 ZeroCERT

14012 2023-04-05 17:39 7592a3326e8f8297547f8c170b96b8...  

2b8424d44a9d22b08b68af4e0f5ea9e6


PE64 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key 		2.8 M 43 ZeroCERT

14013 2023-04-05 17:37 103.exe  

dce62039df2bafb63e0e146ee03f3b33


RedLine stealer[m] RAT UPX AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed 		1 11.0 M 53 ZeroCERT

14014 2023-04-05 17:37 toolspub1.exe  

3d8854201d7131f95772a5ba7be47be6


Malicious Library AntiDebug AntiVM PE32 PE File VirusTotal Malware PDB Code Injection Checks debugger buffers extracted unpack itself 		7.0 38 ZeroCERT

14015 2023-04-05 17:35 vbc.exe  

ac91186f688620b6a391847170b294b6


RAT Malicious Packer Admin Tool (Sysinternals etc ...) PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key 		2 6 1 9.6 M 53 ZeroCERT

14016 2023-04-05 17:35 x....xx.......doc  

e1ee12ca06b9c3b7649b9535749cf03b


MS_RTF_Obfuscation_Objects RTF File doc FormBook Malware download VirusTotal Malware Malicious Traffic buffers extracted RWX flags setting exploit crash Windows Exploit DNS crashed Downloader 		3 7 8 4.8 M 29 ZeroCERT

14017 2023-04-05 10:24 N1799ReleasableNasalwards.js  

ac6703217fe8901c194ac9f8390bb149


Generic Malware Antivirus AntiDebug AntiVM suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		8 5.6 ZeroCERT

14018 2023-04-05 10:23 NB6504Platemark.js  

94c66f83a8578ecf960ee2654380c490


Generic Malware Antivirus AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName DNS Cryptographic key 		8 1 6.2 ZeroCERT

14019 2023-04-05 10:22 unknown.exe  

62d43812a9da3cc5de08bb649e9e4d37


RAT .NET EXE PE32 PE File AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself installed browsers check Windows Browser ComputerName 		4.2 M ZeroCERT

14020 2023-04-05 10:21 unknown.exe  

5dbf6fd71ffb2ced455aae9b012f2876


RAT UPX Antivirus OS Processor Check .NET EXE PE32 PE File suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Cryptographic key 		2.8 M ZeroCERT

14021 2023-04-05 10:21 Bna-invoice#149.pdf.hta  

052a2a82953e9e96c0c84caffb694e67


Generic Malware Antivirus AntiDebug AntiVM MSOffice File VirusTotal Malware powershell suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates shortcut exploit crash unpack itself Windows utilities powershell.exe wrote suspicious process Tofsee Windows Exploit ComputerName DNS Cryptographic key crashed 		2 9.2 23 ZeroCERT

14022 2023-04-05 10:21 unknown.exe  

e8ffe4f72eefe667f92d23e7db901cd5


RAT Generic Malware UPX Antivirus .NET EXE PE32 PE File suspicious privilege MachineGuid Check memory Checks debugger buffers extracted Creates shortcut unpack itself installed browsers check Browser ComputerName 		3.2 M ZeroCERT

14023 2023-04-05 10:21 unknown.exe  

0b0410a106ce1660cba2aabd69d150ac


PWS .NET framework RAT UPX Malicious Packer OS Processor Check .NET EXE PE32 PE File 		2 M ZeroCERT

14024 2023-04-05 09:09 one1.txt.ps1  

87526ee2ef30a987f5b7089ab517adba


Generic Malware Antivirus VirusTotal Malware powershell Check memory unpack itself powershell.exe wrote WriteConsoleW Windows Cryptographic key 		2.8 15 ZeroCERT

14025 2023-04-05 09:05 1.bat  

c4ec63daacb14464b4e8c3fe68cd7df3


Downloader Create Service DGA Socket DNS Code injection HTTP PWS[m] Sniff Audio Steal credential Http API P2P Internet API Escalate priviledges FTP KeyLogger ScreenShot AntiDebug AntiVM suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities WriteConsoleW Windows ComputerName Cryptographic key 		3.6 ZeroCERT

keyword