Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	VT	Player
14356	2021-11-01 11:34	175.exe 109077a96c1ead8960970373eb739501 RAT NPKI Generic Malware Malicious Library UPX PE File OS Processor Check PE32 PE64 VirusTotal Malware PDB MachineGuid Check memory Checks debugger Creates executable files unpack itself				2.6	15	ZeroCERT

14357	2021-11-01 11:35	yAwEhUT.exe af923e132c07ab77eae004e642dfa15d Emotet NPKI Malicious Library UPX Anti_VM Create Service DGA Socket Steal credential DNS Internet API Hijack Network Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot Http API P2P persistence AntiDebug AntiVM PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check SectopRAT Windows Browser Backdoor ComputerName Remote Code Execution DNS Cryptographic key Software crashed	1 Keyword trend analysis	4	1	17.6	7	ZeroCERT

14358	2021-11-01 11:37	Softw75TradingB26345.exe 258798b252e692430052f5e5be7adda0 RAT Generic Malware PE File PE32 .NET EXE VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee	3 Keyword trend analysis	7	1	4.0	23	ZeroCERT

14359	2021-11-01 11:37	rollerkind.exe f12a2a6e1d8b3c7e2e998e808da6ac3a Malicious Library UPX Socket Internet API Code injection KeyLogger Escalate priviledges ScreenShot AntiDebug AntiVM PE File OS Processor Check PE32 Malware download VirusTotal Malware PDB Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs suspicious TLD anti-virtualization Tofsee Windows DNS Downloader	4 Keyword trend analysis	5	8 Info ET USER_AGENTS Suspicious User-Agent (AutoHotkey) ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016 ET INFO HTTP Request to a .top domain ET DNS Query to a .top domain - Likely Hostile SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING Possible EXE Download From Suspicious TLD	10.8	25	ZeroCERT

14360	2021-11-01 11:38	CariamasSuggester1500us.exe f78d81bb835b8d3b05812661d0fb40fc Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself				2.4	45	ZeroCERT

14361	2021-11-01 11:38	rtqq.exe 39f1303c19a90e8eb92a0569de617627 RAT Generic Malware Escalate priviledges ScreenShot AntiDebug AntiVM PE File PE32 .NET EXE VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName				10.6	44	ZeroCERT

14362	2021-11-01 11:41	FastPC.exe 4e79889f1ed630cc252814f471454f0d Malicious Library UPX PE File PE32 VirusTotal Malware ICMP traffic unpack itself Tofsee crashed	1 Keyword trend analysis	2	1	4.2	41	ZeroCERT

14363	2021-11-01 11:41	instd.exe eea1c3d1ab9dd50b3dae826b35c8b138 task schedule Malicious Packer Malicious Library Code injection AntiDebug AntiVM PE File PE32 VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities suspicious process sandbox evasion WriteConsoleW Tofsee Windows ComputerName DNS crashed		2	3	9.0	42	ZeroCERT

14364	2021-11-01 11:43	176.exe 887fcd9c9405d9942f65c58e11601ead Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				2.4	35	ZeroCERT

14365	2021-11-01 11:43	NutrientSeptiform300.exe 2d79fb71f371e9f758b50d7345c5913f Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				2.4	49	ZeroCERT

14366	2021-11-01 12:14	stash-497253553.xls 4484119a5f3be9bf820a20961f2e68b5 Downloader MSOffice File RWX flags setting unpack itself suspicious process Tofsee	3 Keyword trend analysis	6	4	3.6		guest

14367	2021-11-01 12:16	stash-497563034.xls c175b899b2ba1e07ac7d5e6bcc945f01 Downloader MSOffice File RWX flags setting unpack itself suspicious process Tofsee	3 Keyword trend analysis	6	4	3.6		guest

14368	2021-11-01 13:24	top.exe a065b00d113e42d89bcb0ef082862094 Malicious Library UPX PE File OS Processor Check PE32 VirusTotal Malware PDB unpack itself Remote Code Execution				2.4	30	ZeroCERT

14369	2021-11-01 14:14	adal.jar e83ec42ad9c282b28e4561dc5fec346d VirusTotal Malware Check memory RWX flags setting unpack itself crashed				1.8	19	ZeroCERT

14370	2021-11-01 14:18	adal.jar e83ec42ad9c282b28e4561dc5fec346d VirusTotal Malware Check memory RWX flags setting unpack itself WriteConsoleW crashed				2.0	19	ZeroCERT