Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14386 2023-03-30 18:58 vbc.exe  

291a20fef6482b753cc6e9cc3d6bc292


UPX Malicious Library PE32 PE File VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself
3.4 M 46 guest

14387 2023-03-30 16:51 vbc.exe  

92a24824d555bc8f4a947992d85027b0


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself
26 24 2 19 4.4 M 35 ZeroCERT

14388 2023-03-30 16:51 vbc.exe  

291a20fef6482b753cc6e9cc3d6bc292


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself DNS
21 21 3 17 6.0 M 46 ZeroCERT

14389 2023-03-30 16:43 lega.exe  

1a5f749669d8b3a12463fdf8b7cc3f83


RedLine stealer[m] Gen1 Emotet PWS .NET framework RAT NPKI RedLine Stealer Generic Malware UPX Malicious Library Antivirus Malicious Packer Admin Tool (Sysinternals etc ...) Confuser .NET SMTP PWS[m] AntiDebug AntiVM CAB PE32 PE File OS Processor Check .N Browser Info Stealer Malware download Amadey FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Disables Windows Security Collect installed applications suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Tofsee Ransomware Windows Update Browser Email ComputerName Remote Code Execution Trojan DNS Cryptographic key Software crashed Downloader
11 13 10 24.6 M 36 ZeroCERT

14390 2023-03-30 16:42 clip64.dll  

6a4c2f2b6e1bbce94b4d00e91e690d0d


UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself
2.0 M 42 ZeroCERT

14391 2023-03-30 16:40 vbc.exe  

a3b0daf59ad3e6d2e465ea72ea83c4e0


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution DNS
1 2.6 M 36 ZeroCERT

14392 2023-03-30 16:38 white.exe  

89a133e7158e8bb6e2614a7c9bd7ff5d


NPKI Gen1 UPX Malicious Packer Malicious Library PE32 PE File OS Processor Check DLL Browser Info Stealer VirusTotal Email Client Info Stealer Malware Malicious Traffic Check memory Creates executable files unpack itself Collect installed applications sandbox evasion anti-virtualization installed browsers check Windows Browser Email ComputerName DNS crashed
8 1 3 7.2 7 ZeroCERT

14393 2023-03-30 16:34 xme.exe  

48efad145d5274859e353e1cf8018e45


Emotet RAT AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key
10 12 2 9.4 M 44 ZeroCERT

14394 2023-03-30 16:33 vbc.exe  

921fba8af6c955c0fc7c8206e833bbe4


PWS .NET framework RAT Generic Malware Antivirus AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
1 4 1 1 10.4 M 21 ZeroCERT

14395 2023-03-30 16:32 tmpBEB8.tmp.exe  

5aa405d35131a36ce1647c6937d3e529


PWS .NET framework RAT .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
1.8 M 28 ZeroCERT

14396 2023-03-30 16:29 25.....25.............doc  

2c5cf406f3e4cfa448b167751eaea73b


Loki MS_RTF_Obfuscation_Objects RTF File doc LokiBot Malware download VirusTotal Malware c&c Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed Downloader
2 2 16 1 5.0 M 31 ZeroCERT

14397 2023-03-30 16:17 Stork.vbs  

8d4e3f96fb554ff1db02b999210126d6


Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut unpack itself Windows utilities suspicious process Windows ComputerName DNS Cryptographic key crashed
1 1 9.0 M 4 guest

14398 2023-03-30 16:03 Kionectomy1.vbs  

305ec8dca6e74b54c808d4796374676c


Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process Windows ComputerName Cryptographic key crashed
7.0 12 guest

14399 2023-03-30 09:23 info.pdf  

a05bb251aa7a4b93f443023a6b8c8b67


PDF ZIP Format Windows utilities Windows DNS
5 1 2.0 M ZeroCERT

14400 2023-03-30 09:22 run.vbs  

530c052db1411cc1d2a9e37da4def497


Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key
1 6.0 15 ZeroCERT