Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
14386	2023-03-20 11:29	St4_soft.exe 1431d295525534f244dd34a8a311b87f Emotet UPX Malicious Library Anti_VM Malicious Packer Create Service Socket ScreenShot DNS PWS[m] KeyLogger Escalate priviledges persistence BitCoin AntiDebug AntiVM OS Processor Check PE64 PE File VirusTotal Email Client Info Stealer Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process malicious URLs Ransomware Windows Email ComputerName DNS crashed		1		11.6		45	ZeroCERT

14387	2023-03-20 11:28	os2.exe ceea1dc43163e1ab1bda2fbbac5cfda8 Gen1 Emotet Generic Malware UPX Malicious Library Malicious Packer Anti_VM Admin Tool (Sysinternals etc ...) OS Processor Check PE64 PE File DLL PE32 ZIP Format VirusTotal Malware Check memory Creates executable files AppData folder				2.4	M	21	ZeroCERT

14388	2023-03-20 11:26	photo_004.exe 860db1940e9714b45f96f2a4d67909d0 UPX Malicious Library PE32 PE File PDB unpack itself				1.0	M		ZeroCERT

14389	2023-03-20 11:24	lend122.exe 7cf6b1d778d8e768db95c09e6896c63c UPX Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution				2.8	M	54	ZeroCERT

14390	2023-03-20 11:23	froiiiiiS54AqSO8x6.exe 7cd39f854e71cb4fc42e0318032d0c4c Malicious Library AntiDebug AntiVM PE64 PE File VirusTotal Malware Buffer PE PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key crashed				6.8	M	40	ZeroCERT

14391	2023-03-20 11:22	33333.doc bcb9dddc3a3c81e74a45cd2d2ddf7b5f MS_RTF_Obfuscation_Objects Anti_VM RTF File doc VirusTotal Malware buffers extracted RWX flags setting exploit crash Tofsee Exploit crashed	1 Keyword trend analysis	2	1	4.0	M	31	ZeroCERT

14392	2023-03-20 11:21	sqlcmd.exe 562348e8dbd71f796420599713c73c02 Generic Malware UPX Malicious Library Malicious Packer Antivirus OS Processor Check PE32 PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName Remote Code Execution Cryptographic key	8 Keyword trend analysis Info https://kialux.com/images/operator/debug2.ps1 https://kialux.com/images/operator/ab2.exe https://kialux.com/images/operator/ab3.exe https://kialux.com/images/operator/ab4.exe https://kialux.com/images/operator/ab5.exe https://kialux.com/images/operator/ab1.php https://kialux.com/images/operator/ab2.php https://kialux.com/images/operator/ab3.php	2	2	10.0	M	47	ZeroCERT

14393	2023-03-20 10:19	lap.exe aa3321fbcbc033da9e097aacf740fdc5 Malicious Library PE32 PE File VirusTotal Malware PDB unpack itself				1.8	M	26	ZeroCERT

14394	2023-03-20 10:17	cs.ps1 2d14fc0abc9432b32d79353b89b9c294 Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows DNS Cryptographic key		1		3.0	M	5	ZeroCERT

14395	2023-03-20 10:15	ChromeFIX_errorMEM.exe 74b6b35627f6453d787f1c7ea3b9ec33 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself crashed				2.2	M	42	ZeroCERT

14396	2023-03-20 10:13	putty.exe 503ad71c49fe0f7ad1a9fac50a6a3d66 UPX Malicious Library PE32 PE File VirusTotal Malware Buffer PE PDB Checks debugger buffers extracted unpack itself sandbox evasion ComputerName DNS		2		4.2	M	23	ZeroCERT

14397	2023-03-20 10:12	siga30.exe 9f84869ee3528a6c79cba4130088571c Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed		1		10.4	M		ZeroCERT

14398	2023-03-20 10:11	clip64.dll a55d0c5be5767946dadbc41ff81edfe4 UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself				2.0	M	57	ZeroCERT

14399	2023-03-20 10:10	dcjXQFieoT.exe 8ec7b07f258588237cd64e4c842a96f6 Malicious Library AntiDebug AntiVM PE64 PE File VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key crashed		1		7.0	M	43	ZeroCERT

14400	2023-03-20 10:09	debug.dbg 217e1ba2d22bd719d94c1faadbfef627 AntiDebug AntiVM ELF VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName				4.4	M	38	ZeroCERT