Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14491 2023-03-27 10:32 payload.exe  

67e524e151efc62a8f5d3bbf8531e70a


PE64 PE File VirusTotal Malware DNS crashed
1 3.2 M 54 ZeroCERT

14492 2023-03-27 10:30 Sprawl.exe  

7f9cc3889e95b39a93593207cc823dd2


RedLine stealer[m] PWS .NET framework RAT RedLine Stealer Confuser .NET SMTP PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 10.4 M 48 ZeroCERT

14493 2023-03-27 10:30 update.exe  

93b9f5bf918b7e5de262a85214aa8fea


Generic Malware UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware Malicious Traffic unpack itself ComputerName DNS
1 2 4.0 M 41 ZeroCERT

14494 2023-03-27 10:28 ooo.bat  

3db5b638d5142dca0d922543ce1099c0


Generic Malware Downloader Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges FTP Http API AntiDebug AntiVM VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key
2 4.0 1 ZeroCERT

14495 2023-03-27 10:28 update-pyt.exe  

ba6a75f0c69a7f22b526ad940c3451b4


Gen2 Generic Malware UPX Malicious Library Antivirus OS Processor Check PE32 PE File JPEG Format Malware download Amadey Malware AutoRuns Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS
7 23 6 2 8.2 M ZeroCERT

14496 2023-03-27 10:28 33293939193898579265.bin  

b3c8c890a8a14c823da4fcebb050a8d5


Gen1 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Windows utilities WriteConsoleW Windows ComputerName crashed
3.6 M 43 ZeroCERT

14497 2023-03-27 10:27 cred64.dll  

3e762ef2e32a7b9e5fa494e295b15edb


Ave Maria WARZONE RAT UPX Malicious Library OS Processor Check DLL PE64 PE File VirusTotal Malware PDB Checks debugger installed browsers check Browser ComputerName DNS crashed
10 3.0 M 49 ZeroCERT

14498 2023-03-27 10:27 ox.exe  

7b9742c442c28ca29907a0ffcaca47fa


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself crashed
1.8 M 29 ZeroCERT

14499 2023-03-27 10:25 RedHat.exe  

684b2bdbe523cd89846944b6814f4de3


Gen2 Gen1 Generic Malware UPX Malicious Library Antivirus Malicious Packer OS Processor Check PE32 PE File DLL Browser Info Stealer VirusTotal Malware Malicious Traffic Check memory Creates executable files unpack itself Collect installed applications anti-virtualization installed browsers check Windows Red Hat Browser ComputerName DNS
8 1 3 7.4 M 43 ZeroCERT

14500 2023-03-27 10:23 foto0169.exe  

2a8355fa97a9ff869abb1e12d6fc70f1


Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
2 8.2 M ZeroCERT

14501 2023-03-27 10:23 76783.exe  

1782e83ab6ad4f8b4b24dc03ee802100


PWS .NET framework RAT UPX Admin Tool (Sysinternals etc ...) .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key
2.4 M 46 ZeroCERT

14502 2023-03-27 07:52 Wyciek-NFZ-16-03-2023.xlsx  

67126c10471b06d8a5b86d78bd6052f4


ZIP Format RWX flags setting exploit crash unpack itself Exploit crashed
2.2 ZeroCERT

14503 2023-03-25 20:31 [2023-01-24_12,38,16.664011]-i...  

c271b8690123fe94527214c1f5cffba6


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY

14504 2023-03-25 15:49 7.html  

f0e0f44ef5d2bb5e7e398de2b92dd20f


Antivirus AntiDebug AntiVM MSOffice File Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
2 3.4 ZeroCERT

14505 2023-03-25 02:32 office32ww.msi.16.x-none.tree[...  

cb8b98aae54e7d85d683c4032c24b7a3


Generic Malware AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY