Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
14311	2021-11-01 09:57	vbc.exe 1463a8e3cbd8b63c709495a91ff95506 PWS .NET framework Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself				8.2	22	guest

14312	2021-11-01 10:27	oldmystat2.dll ba810a8879b6ba2cccd49e28789fb059 PE64 PE File DLL Checks debugger RWX flags setting unpack itself crashed		1		1.4		ZeroCERT

14313	2021-11-01 10:30	DimenSaint.exe d1467f50022d8c25d69d80fceb9d2f32 VMProtect Malicious Library PE File PE32 VirusTotal Malware Check memory unpack itself				3.2	41	ZeroCERT

14314	2021-11-01 10:30	171.exe f1542d07c0aa2b2727b4ebdeeabc21f4 Gen1 Gen2 Malicious Library UPX Malicious Packer ASPack PE File PE32 DLL OS Processor Check JPEG Format Malware download Raccoon VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency RecordBreaker MachineGuid Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Collect installed applications AppData folder suspicious TLD installed browsers check Stealer Windows Browser Email ComputerName DNS	4 Keyword trend analysis	4	7 Info ET DNS Query to a .top domain - Likely Hostile ET INFO HTTP Request to a .top domain ET MALWARE Win32.Raccoon Stealer CnC Activity (dependency download) ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE Win32.Raccoon Stealer Data Exfil Attempt	8.0	24	ZeroCERT

14315	2021-11-01 10:31	trendmicro2.dll af41813cc051b8d0c9c418e99ba345c6 Generic Malware Malicious Packer Malicious Library UPX PE64 PE File OS Processor Check DLL VirusTotal Malware Checks debugger RWX flags setting unpack itself crashed		1		2.4	32	ZeroCERT

14316	2021-11-01 10:32	Async7842.exe a1fc890ea630be2c1efd80062ce12b18 RAT PWS .NET framework Generic Malware Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 .NET EXE Malware download AsyncRAT Dridex NetWireRC TrickBot VirusTotal Malware Kovter DNS DDNS		2	3	1.6	40	ZeroCERT

14317	2021-11-01 10:33	7632just.exe 00d8921a30d82b0b25d66fd146839f77 Generic Malware Malicious Packer PE File PE32 .NET EXE VirusTotal Malware Buffer PE suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI unpack itself human activity check Windows ComputerName DNS DDNS		2	1	7.4	60	ZeroCERT

14318	2021-11-01 10:34	file.exe 26cfda1eb8720a98da6b1f7f83bb24d1 RAT PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS crashed		1		11.0	31	ZeroCERT

14319	2021-11-01 10:35	AsyncClient.exe d4b8b8cfd3b479a8138cd750c58a7c82 RAT PWS .NET framework Generic Malware Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 .NET EXE Malware download AsyncRAT Dridex NetWireRC TrickBot VirusTotal Malware Kovter DNS DDNS		2	3	1.6	49	ZeroCERT

14320	2021-11-01 10:36	174.exe 497287b2c0270f7502b8797c72b36055 Emotet NPKI Malicious Library UPX Anti_VM PE File PE32 OS Processor Check VirusTotal Malware AutoRuns Checks debugger Windows utilities AntiVM_Disk VM Disk Size Check Windows Remote Code Execution				3.0	29	ZeroCERT

14321	2021-11-01 10:37	mnew2.exe c1e830b712af9f5451dfbd92eb929534 RAT PWS .NET framework Generic Malware DNS SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS crashed		1		11.2	44	ZeroCERT

14322	2021-11-01 10:39	Host.exe f3304cc314d7e62b283f262f01a6bcdf NetWire RAT Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware Checks debugger ComputerName DNS DDNS		2	1	2.4	50	ZeroCERT

14323	2021-11-01 10:39	systemdc.exe 91679f42cd3ba051b5c7ce37d45b222c RAT PWS .NET framework Generic Malware DNS AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	6 Keyword trend analysis Info http://www.dailygossiping.com/pufi/?2dp=GXvFuzK1bbdgitiLy2HfWnxGjRuymxDWMFylOe4VKkbB997oiWy8PH6Pu7w9CriLIOiICFqr&CXL05P=YthDaVVxJrCHangP http://www.donaldpowers.store/pufi/?2dp=nyHN3ANVlMAzfqaDgI1iNAQsgXcCValkrJwU6bpJcZrtEB2xC+87EoJfCKs3HzM0uPrvSfK0&CXL05P=YthDaVVxJrCHangP http://www.theebook.guru/pufi/?2dp=yZeAx72MwuebGnH7K2ntDPIyrjVMlRQpn3vr6r+H7IZJ74ho+aX1X9dYNRdxqYqzftYd8OGM&CXL05P=YthDaVVxJrCHangP http://www.homestechs.com/pufi/?2dp=J8l+crML0CFixOA74eEKVQ0DbEDp6umDNli43l94G4Hz10Bpex1w9bL3u7hc8KG05T5PfqbC&CXL05P=YthDaVVxJrCHangP http://www.ndust.net/pufi/?2dp=y124CMd3X80IKlF1ruJkpyWQk/ERSxpAry48nMXi4iIdJ9a4kPTCTgPsVWTUHiVYZjE0BVO6&CXL05P=YthDaVVxJrCHangP http://www.zarazira.com/pufi/?2dp=LNXC60SoBf7zTwHpn45Ux7MWrSY17JA4zzxkevpqeQDEjmNIxD8rKqPbbeup1JXySujJr6n8&CXL05P=YthDaVVxJrCHangP	15 Info www.theebook.guru(51.89.9.188) www.northfacemall.online() www.zarazira.com(78.47.57.7) www.rescueandrestoreministries.net(51.210.64.36) www.homestechs.com(5.79.71.161) www.ndust.net(104.18.26.58) www.donaldpowers.store(172.67.69.69) www.dailygossiping.com(74.220.199.6) 74.220.199.6 - mailcious 51.210.64.36 5.79.71.161 78.47.57.7 51.89.9.188 104.26.11.41 104.18.26.58	1	9.4	41	ZeroCERT

14324	2021-11-01 10:41	razzia.exe 9b27bb9d633040a01a964d12b40b144f Themida Packer PE64 PE File VirusTotal Malware unpack itself Windows crashed				3.0	42	ZeroCERT

14325	2021-11-01 10:42	aut.exe 06de5d7a4d6459a95b3027489fb6c169 RAT PWS .NET framework Generic Malware SMTP KeyLogger ScreenShot AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS crashed		1		11.8	43	ZeroCERT