Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14461 2023-03-28 08:35 111.exe  

6512741ded1505a7b3dc528d8a337ee5


Malicious Library PE32 PE File VirusTotal Malware PDB Check memory unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser DNS
1 1 3.8 50 ZeroCERT

14462 2023-03-28 08:25 unknown.exe  

87366b4da9f888d5abf85274074d4156


RAT UPX Malicious Library OS Processor Check .NET EXE PE32 PE File suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName keylogger
3.2 ZeroCERT

14463 2023-03-28 08:22 dk.exe  

4ef3bfe67588ffebb595fce72889a5ad


RAT UPX AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself DNS
14 15 4 8.8 M 42 ZeroCERT

14464 2023-03-28 08:21 wwa.exe  

53622e61772d39cd6868b89aaabb8249


RAT Gen1 email stealer Downloader UPX Malicious Packer Malicious Library Socket ScreenShot DNS Code injection PWS[m] Sniff Audio KeyLogger Escalate priviledges persistence AntiDebug AntiVM .NET EXE PE32 PE File OS Processor Check DLL Browser Info Stealer Malware download AveMaria NetWireRC VirusTotal Email Client Info Stealer Malware AutoRuns MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AppData folder malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser RAT Email ComputerName DNS
3 2 13.0 47 ZeroCERT

14465 2023-03-28 08:20 script.ps1  

ab5fc61f3bff95a184793280a69fb709


Generic Malware Antivirus powershell AutoRuns Check memory unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key
2 3 1 6.6 M ZeroCERT

14466 2023-03-28 08:19 vbc.exe  

e90d3ec392d44522f55a0cf054c211a9


PWS .NET framework SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
1 2 5 13.4 34 ZeroCERT

14467 2023-03-28 08:18 STUB.VBS  

acd59921a2cc83f7afa97f7170edff34


Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key
1 2 1 8.0 M ZeroCERT

14468 2023-03-28 08:16 codeexe.ps1  

63d3846c74a6583c03f0b2a1f2fbce77


Generic Malware Antivirus powershell Check memory heapspray unpack itself WriteConsoleW Windows Cryptographic key
1.6 M ZeroCERT

14469 2023-03-28 08:06 invoice#91273.js  

c6a07509b7612ce8000b929c058bc92a


Generic Malware Antivirus powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
5.8 ZeroCERT

14470 2023-03-27 17:34 notepadp.exe  

4057acbd036de09b67259254135aa554


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution
2.0 M 39 ZeroCERT

14471 2023-03-27 17:18 nerino.exe  

4e9932a21816959b576ac87a41855cce


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution
2.0 22 ZeroCERT

14472 2023-03-27 17:18 notepadp.exe  

4057acbd036de09b67259254135aa554


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution
2.0 M 39 ZeroCERT

14473 2023-03-27 11:27 Wyciek-NFZ-16-03-2023.xlsx  

67126c10471b06d8a5b86d78bd6052f4


ZIP Format exploit crash unpack itself Exploit crashed
1.8 M ZeroCERT

14474 2023-03-27 10:57 t.msi  

a62037c1812df2774da6257f465d5b78


Gen2 Malicious Library ASPack UPX OS Processor Check CAB MSOffice File DLL PE32 PE File VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName DNS
4 8 6.2 7 ZeroCERT

14475 2023-03-27 10:57 clip64.dll  

104ac57c9dda07fb60fb09f4f2a638f4


UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself
2.0 M 53 ZeroCERT