Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14041 2021-10-26 10:36 ConsoleApp15.exe
9c8282590f9bc40955ca14389309fe86
RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows ComputerName DNS Cryptographic key DDNS crashed
1 2 10.2 23 guest

14042 2021-10-26 10:36 ConsoleApp15.exe
9c8282590f9bc40955ca14389309fe86
RAT Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows ComputerName DNS Cryptographic key DDNS crashed
1 2 10.2 23 guest

14043 2021-10-26 10:45 reason.xlsx
9adafeb992d82eba6e4c5d1e420a48ef
KeyLogger ScreenShot Escalate priviledges AntiDebug AntiVM MSOffice File suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted exploit crash unpack itself AntiVM_Disk VM Disk Size Check human activity check Windows Exploit ComputerName DNS Cryptographic key DDNS crashed
2 6 3 1 9.6 guest

14044 2021-10-26 10:56 reason.xlsx
9adafeb992d82eba6e4c5d1e420a48ef
KeyLogger ScreenShot AntiDebug AntiVM MSOffice File Vulnerability MachineGuid Checks debugger buffers extracted exploit crash unpack itself Windows Exploit DNS DDNS crashed
2 5 3 1 6.0 guest

14045 2021-10-26 11:43 service.exe
98c9398c958e6b0280c15108cde96186
Malicious Packer UPX PE File PE32 VirusTotal Malware RWX flags setting crashed
1.8 23 ZeroCERT

14046 2021-10-26 11:45 EDG.exe
f85ca66e06121eb29b26d78cc3f64554
Generic Malware UPX DNS AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS DDNS
2 15.2 38 ZeroCERT

14047 2021-10-26 11:45 dwm.exe
f88c058646225de6e3cddc39ea0c9ff7
Malicious Packer UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself crashed
2.2 29 ZeroCERT

14048 2021-10-26 11:47 Sample_10120351200_ISO_035150....
517aa302ce274d9e3d4964454a4a8391
RAT Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName
10.4 26 ZeroCERT

14049 2021-10-26 13:41 note866.exe
77294635b863561ecd6267711c5222a2
UPX PE File PE32 Browser Info Stealer VirusTotal Malware Malicious Traffic Check memory unpack itself Tofsee Interception Browser Remote Code Execution DNS crashed
2 3 1 1 5.4 M 37 ZeroCERT

14050 2021-10-26 13:44 vpn.exe
4dd57eb8ea614ca43e679abeaf5351bf
Gen1 Generic Malware Malicious Library UPX Malicious Packer Admin Tool (Sysinternals etc ...) PE File PE32 DLL PNG Format OS Processor Check PE64 VirusTotal Malware suspicious privilege Checks debugger Creates executable files unpack itself AppData folder
2.8 2 ZeroCERT

14051 2021-10-26 14:26 HSBC_2021-25-10-017822019.exe
21dc547b12a42d23141c3a6321518e83
RAT PWS .NET framework Generic Malware PE File PE32 .NET EXE VirusTotal Malware PDB
1.2 15 ZeroCERT

14052 2021-10-26 14:28 DHL-Fattura-446732-9302.xls
2172d539dfc31f78f87363c9837fc788
VBA_macro Generic Malware MSOffice File VirusTotal Malware RWX flags setting unpack itself
1.6 23 ZeroCERT

14053 2021-10-26 14:35 note866.exe
77294635b863561ecd6267711c5222a2
Malicious Library UPX PE File PE32 Browser Info Stealer VirusTotal Malware Malicious Traffic Check memory ICMP traffic unpack itself Tofsee Interception Browser Remote Code Execution DNS crashed
2 3 1 1 6.2 M 37 r0d

14054 2021-10-26 14:41 note866.exe
77294635b863561ecd6267711c5222a2
Malicious Library UPX PE File PE32 Browser Info Stealer VirusTotal Malware Malicious Traffic Check memory ICMP traffic unpack itself Tofsee Interception Browser Remote Code Execution DNS crashed
2 3 1 1 6.2 M 37 guest

14055 2021-10-26 14:50 FORM_PIX EYMVDUI.msi
f2836216ca554dfdc8a300decb644911
Gen2 Generic Malware Malicious Packer Malicious Library OS Processor Check MSOffice File VirusTotal Malware
0.8 21 ZeroCERT