popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14131 2023-04-14 09:24 sets.ps1  

9f797334ceca4dbf0f9fde8bad8cdc24


Generic Malware Antivirus VirusTotal Malware AutoRuns Check memory unpack itself WriteConsoleW Windows Cryptographic key 		1 2.6 6 guest

14132 2023-04-14 07:42 Corridor%20NYC%20Project%20Pla...  

a871fae6b1494686545ee1f783722c15


PDF ZIP Format Windows utilities Windows 		5 1.4 ZeroCERT

14133 2023-04-13 18:15 poweroff.exe  

4de7538747bf36f826099aceed872175


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself 		2.6 M 52 ZeroCERT

14134 2023-04-13 18:14 up-do-dat-TRURNfy8CgzSgm9K.exe  

f32b8def722876287f9424f3f3c41d2e


njRAT North Korea Generic Malware UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself crashed 		2.6 49 ZeroCERT

14135 2023-04-13 16:59 FL2.exe  

65f8ca11d9a18baf3fecf7797b9ba867


Emotet PWS .NET framework RAT Gen1 UPX Malicious Library MZP Format PE32 PE File DLL OS Processor Check .NET EXE PE64 VirusTotal Malware AutoRuns MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Check virtual network interfaces AppData folder Tofsee Windows ComputerName crashed 		8 13 2 4 7.6 M 27 ZeroCERT

14136 2023-04-13 16:57 azor.exe  

84572342b63722bec9aa780e7290dd05


PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key crashed 		5.6 M 44 ZeroCERT

14137 2023-04-13 16:55 bodya.exe  

85ba8fa95c94e8014afd16f176033044


RedLine stealer[m] RAT UPX AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key crashed 		1 10.6 M 38 ZeroCERT

14138 2023-04-13 16:54 bin-cr.exe  

50d9ad764597d6970f0480b58c4cf88e


NPKI PWS .NET framework RAT .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName 		2.2 M 42 ZeroCERT

14139 2023-04-13 16:51 auto.dll  

f983bbe67c157f9debd63b5d434982a0


Generic Malware DLL PE64 PE File VirusTotal Malware unpack itself ComputerName 		1.8 M 19 r0d

14140 2023-04-13 15:48 cdump.exe  

6799f43f598169aebc476455c624f014


UPX PE32 PE File Browser Info Stealer VirusTotal Malware WriteConsoleW Browser 		3.2 M 48 r0d

14141 2023-04-13 09:54 File_pass1234.7z  

5ce7e6a25d84c2c2dbcb96b30a608643


PWS[m] Escalate priviledges KeyLogger AntiDebug AntiVM Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself IP Check Tofsee DNS 		4 9 2 1 4.2 M ZeroCERT

14142 2023-04-13 09:49 ClaimCopy-1337.pdf  

fa243a28cdcbca70891853bfbbead0c1


Code injection PDF AntiDebug AntiVM MSOffice File Browser Info Stealer MachineGuid Code Injection Checks debugger Creates shortcut RWX flags setting exploit crash unpack itself Windows utilities malicious URLs human activity check installed browsers check Ransomware Windows Exploit Browser crashed keylogger 		3 3 9.4 ZeroCERT

14143 2023-04-13 09:33 xo.exe  

18116ef04d182e14002d6d0928bf4283


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware Checks debugger unpack itself 		1.8 M 41 ZeroCERT

14144 2023-04-13 09:20 cdump.exe  

6799f43f598169aebc476455c624f014


PE32 PE File Browser Info Stealer VirusTotal Malware WriteConsoleW Browser 		3.2 M 48 ZeroCERT

14145 2023-04-13 09:18 Qlzkyfcl.wsf  

4b62317026915bef2b7980659f5f4b6e


Generic Malware Antivirus AntiDebug AntiVM powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself suspicious process Windows ComputerName Cryptographic key 		8 5.6 ZeroCERT

keyword