Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
14116
2023-04-14 18:05
sydney.exe
22f586f44c42f4391e56f4fa69a4a15f
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
IP Check
Tofsee
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
1
https://api.ipify.org/
2
api.ipify.org(104.237.62.211)
64.185.227.155
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
12.4
M
28
ZeroCERT
14117
2023-04-14 18:05
update_v101.exe
5505dc203820a5a773695fbdb25d79ea
Generic Malware
Themida Packer
UPX
.NET EXE
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Checks Bios
Collect installed applications
Detects VMWare
VMware
anti-virtualization
installed browsers check
Windows
Browser
ComputerName
Firmware
Cryptographic key
Software
crashed
2
mt.hostiko.com.ug(79.137.192.4)
79.137.192.4
8.8
M
31
ZeroCERT
14118
2023-04-14 17:49
contents
c3d54390a6d81bdb1556803767d040e9
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3.8
BRY
14119
2023-04-14 17:49
31A1C087-CB71-4F3D-8B97-898F09...
c7392844239a6c803c44ccd7c4f8b267
ZIP Format
guest
14120
2023-04-14 17:49
contents
c3d54390a6d81bdb1556803767d040e9
Downloader
Create Service
DGA
Socket
DNS
Hijack Network
Code injection
HTTP
PWS[m]
Sniff Audio
Steal credential
Http API
P2P
Internet API
Escalate priviledges
persistence
FTP
KeyLogger
ScreenShot
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.2
BRY
14121
2023-04-14 13:40
payload2.dll
f249ab6266b09f71f05c85a966f8f3d7
PWS
.NET framework
RAT
UPX
Malicious Library
Malicious Packer
OS Processor Check
.NET EXE
PE File
PE32
Malware download
AsyncRAT
NetWireRC
VirusTotal
Malware
DNS
DDNS
2
wbem.ddns.net(147.189.170.192) - mailcious
147.189.170.192 - mailcious
3
ET POLICY DNS Query to DynDNS Domain *.ddns .net
ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
ET MALWARE Generic AsyncRAT Style SSL Cert
1.6
53
ZeroCERT
14122
2023-04-14 13:20
AprilW(uWfJ74197).wsf
d094a6e4776835a7f3bd1ed376b8f909
Generic Malware
Keylogger
Discord
Admin Tool (Sysinternals etc ...)
Antivirus
AntiDebug
AntiVM
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
Cryptographic key
6
http://94.131.101.15/555555.dat
http://87.236.146.236/555555.dat
http://94.131.117.45/555555.dat
http://203.96.177.111/555555.dat
http://91.193.19.217/555555.dat
http://194.165.59.51/555555.dat
5.6
ZeroCERT
14123
2023-04-14 09:33
2016iibfex.doc
b574064bb7329b774bb0ffdb9aeaab32
MSOffice File
RWX flags setting
exploit crash
unpack itself
Exploit
DNS
crashed
1
5.249.165.85
2.8
ZeroCERT
14124
2023-04-14 09:31
unknown.exe
ceab7da20b9fa2398c0c27e6398e7c84
RAT
UPX
Malicious Library
Malicious Packer
PE File
ZeroCERT
14125
2023-04-14 09:30
unknown.exe
a765f8edaa51aba85e51aa075cf73bf7
PWS
.NET framework
RAT
UPX
Malicious Library
Malicious Packer
OS Processor Check
.NET EXE
PE32
PE File
Malware download
AsyncRAT
NetWireRC
Malware
DNS
DDNS
2
davidmalik07.ddns.net(5.249.165.85)
5.249.165.85
3
ET POLICY DNS Query to DynDNS Domain *.ddns .net
ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
ET MALWARE Generic AsyncRAT Style SSL Cert
0.4
ZeroCERT
14126
2023-04-14 09:30
Keep.Exmw6519.wsf
a4715df1a2ce5a56194aa2a4bca18930
Generic Malware
Antivirus
AntiDebug
AntiVM
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
Cryptographic key
6
http://87.236.146.93/sUXDKVO8C7ru.dat
http://70.34.218.85/r6Q7Jvu.dat
http://74.119.193.49/Kzm5LA.dat
http://154.47.17.180/BwT3CUGj.dat
http://79.141.174.253/lKZ838.dat
http://147.135.248.250/f5SKNYGd.dat
5.6
ZeroCERT
14127
2023-04-14 09:30
RegSvcs.exe
3f3bc2cfcf6ca2ac3768db065eee1cc3
PE File
ZeroCERT
14128
2023-04-14 09:28
.Final.txt.ps1
cb3bcf1bb12ccd8b563fb373bf306a7f
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
3
https://makkahmart.org/.POP/.M1.jpg
https://makkahmart.org/.POP/.N1.jpg
https://makkahmart.org/.POP/.D1.jpg
2
makkahmart.org(97.74.205.46)
97.74.205.46
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
9.4
18
ZeroCERT
14129
2023-04-14 09:28
PDFViewer.exe
fca9b3315dc5611a8a3d6a2abb838e30
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
PDB
MachineGuid
Check memory
Checks debugger
unpack itself
ComputerName
crashed
1.6
18
guest
14130
2023-04-14 09:27
.Final.txt.ps1
985b35d3bc3a2a8b18c317d6306181a3
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
3
'https://amigoasesor.com/.POP/.A.jpg
https://amigoasesor.com/.POP/.B.jpg
https://amigoasesor.com/.POP/.C.jpg
2
amigoasesor.com(173.201.20.156)
173.201.20.156
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
9.6
20
ZeroCERT
Total : 49,696cnts