Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc

14086 2023-04-02 15:33 sex777.exe
943d66043301745e07da302743041496
PWS .NET framework RAT .NET EXE PE32 PE File Browser Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency Telegram Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces IP Check Tofsee Browser ComputerName DNS
1 4 5 5.2 M 41 ZeroCERT

14087 2023-04-02 15:31 380.exe
9665de160f7695ba54117e9e3619564c
Malicious Library PE32 PE File VirusTotal Malware Check memory RWX flags setting unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser DNS
1 5.2 M 45 ZeroCERT

14088 2023-04-02 15:30 fotocr.exe
3a11872274727385e77e57a186565536
Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
1 10.4 ZeroCERT

14089 2023-04-02 13:08 cc1be3c6d243a4d8f90e87c84709d4...
9fddc313ba5774bdc646aef46d2de313
Gen1 UPX Malicious Packer PE32 PE File VirusTotal Malware Remote Code Execution
0.6 1 BRY

14090 2023-04-02 12:54 latest-logging-config.data
165d7b3fa08ee81ad6979792b57dea4f
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY

14091 2023-04-02 09:09 handdiy_6.exe
6418bc223b6880e2276b4ef2415544b1
AgentTesla Gen2 Trojan_PWS_Stealer browser info stealer Credential User Data Google Chrome Downloader UPX Malicious Library SQLite Cookie Malicious Packer Create Service DGA Socket DNS BitCoin Code injection HTTP PWS[m] Sniff Audio Steal credent Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution DNS crashed
1 4 3 10.0 54 ZeroCERT

14092 2023-04-02 09:03 updater.exe
a04a12bd76283170bc83848686e4f946
UPX Malicious Library OS Processor Check PE64 PE File Malware download VirusTotal Cryptocurrency Miner Malware Cryptocurrency PDB Malicious Traffic Creates executable files DNS CoinMiner
3 5 3 5.0 M 34 ZeroCERT

14093 2023-04-02 09:00 svhosts.exe
0a935300ad790ad8d03666b1f14e73a4
UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself
2.2 M 42 ZeroCERT

14094 2023-04-02 09:00 666.exe
ba82f3818c68b163d9e4ad26aff88911
Malicious Library PE32 PE File VirusTotal Malware RWX flags setting unpack itself DNS
1 4.8 M 56 ZeroCERT

14095 2023-04-02 08:58 Redline2.exe
07ed3cf75dcfb540175c949c271e936a
PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 6.2 M 58 ZeroCERT

14096 2023-04-02 08:58 527dcac0-7266-48b4-893b-a2ee87...
13e943e4a218b36c30fcc7fe865d5d93
.NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself
1.8 28 ZeroCERT

14097 2023-04-02 08:56 9a3e5c94-0917-4b87-b1e2-540783...
041b96460a5646b883436e0b327829eb
UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself crashed
2.0 36 ZeroCERT

14098 2023-04-02 08:54 ntvdm64.exe
5d27d7c444aa9ac075cf892d70357e54
PE64 PE File VirusTotal Malware Creates executable files unpack itself
2.4 9 ZeroCERT

14099 2023-04-02 08:54 clip64.dll
9e9f6b48159690d4916e38b26d8f92cb
UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself
2.0 M 59 ZeroCERT

14100 2023-04-02 08:52 drub.exe
7f9a558c286182185482a0406820c176
RAT Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Windows Browser Email ComputerName DNS Cryptographic key Software crashed
1 14.2 M 46 ZeroCERT