Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14476 2023-03-27 10:55 vpn-go.exe  

e38edcf41b7b13dc8837e030774cf083


PWS .NET framework RAT UPX Malicious Library Anti_VM Malicious Packer OS Processor Check .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself
5.8 M 41 ZeroCERT

14477 2023-03-27 10:51 Lamb.pif.exe  

581176025eb809b5120fd584cb9dc237


Generic Malware UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware Checks debugger unpack itself DNS
3 22 3.2 M 36 ZeroCERT

14478 2023-03-27 10:51 Date2023.exe  

f7fd4791be2e2624b7fbb1d91ab2f539


Gen1 UPX Malicious Packer Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File DLL Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Telegram MachineGuid Code Injection Malicious Traffic Check memory WMI Creates shortcut Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder AntiVM_Disk sandbox evasion WriteConsoleW anti-virtualization VM Disk Size Check installed browsers check Tofsee Windows Browser Email ComputerName DNS Software
4 5 4 3 15.6 M 29 ZeroCERT

14479 2023-03-27 10:50 emefamstartup.ps1  

b9611fdaa214df556ad6c8fc582a45f6


Formbook PWS .NET framework Hide_EXE Generic Malware Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
1 2 5 16.4 M 22 ZeroCERT

14480 2023-03-27 10:47 usa.exe  

f00f6596f6bf65d01cb390aebc5326f5


PWS .NET framework RAT UPX Confuser .NET OS Processor Check .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key
1 4.8 M 52 ZeroCERT

14481 2023-03-27 10:45 97.exe  

571ce7de07a8e7ad2bb8abae3c625f11


UPX Malicious Library OS Processor Check PE32 PE File .NET DLL DLL VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Tofsee Windows Cryptographic key
2 1 5.4 M 45 ZeroCERT

14482 2023-03-27 10:42 cc.exe  

41eb3aa33bccbe6a18acfedaf7f93ad5


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution
1.8 M 26 ZeroCERT

14483 2023-03-27 10:42 vbc.exe  

03c74286887866a799f7cafdc096efda


PWS .NET framework RAT UPX PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key
10 11 3 9.6 M 40 ZeroCERT

14484 2023-03-27 10:41 FRI.exe  

c1b465d96c0541a5dc8e95a7bfd96e15


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself suspicious TLD DNS
10 24 6 5 6.2 M 38 ZeroCERT

14485 2023-03-27 10:41 Windowsfig.exe  

40528a8ce542af784cb9958552f7798d


Confuser .NET .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
2.4 M 35 ZeroCERT

14486 2023-03-27 10:39 ox.exe  

cfc3dc40432c7d8d8f838bc20c12bf27


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself crashed
2.2 M 46 ZeroCERT

14487 2023-03-27 10:37 Nasalized.exe  

4c42520a02966a874eb4fbdc0a74e208


RedLine stealer[m] PWS .NET framework RAT RedLine Stealer Confuser .NET SMTP PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 9.4 M 43 ZeroCERT

14488 2023-03-27 10:34 a.exe  

1dc49de091d11dd75ff77444e1b2e286


UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware crashed
2.0 M 41 ZeroCERT

14489 2023-03-27 10:33 vbc.exe  

ea36e1f335ddc3b518fb817b92b2f7e9


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself
20 22 2 19 4.6 M 47 ZeroCERT

14490 2023-03-27 10:32 Blaubok.exe  

3c62500496bfc4f35d38ddbe71be78c2


RedLine stealer[m] PWS .NET framework RAT RedLine Stealer Confuser .NET SMTP PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 10.4 M 48 ZeroCERT