Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14521 2023-03-24 18:17 20...............................  

3d64a167c2f313bac10c89b3d591be13


MS_RTF_Obfuscation_Objects RTF File doc VirusTotal Malware RWX flags setting
2.6 M 30 ZeroCERT

14522 2023-03-24 18:15 1.vbs  

0302835269c55903e8af7326a27ca898


Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key
5.8 M 2 ZeroCERT

14523 2023-03-24 18:15 vbc.exe  

1207e0b55db1b38405c49fc57209fc38


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself DNS crashed
1 3.2 M 33 ZeroCERT

14524 2023-03-24 18:13 vbc.exe  

1651e40eaf343b2e9ceaea5f1aef2fae


NPKI RAT UPX PE64 PE File VirusTotal Malware Check memory Checks debugger unpack itself
1.6 M 29 ZeroCERT

14525 2023-03-24 18:12 huilang.exe  

f1ec2cf6256a7c8543586065a07da47a


UPX PE32 PE File Malware download VirusTotal Open Directory Malware AutoRuns Malicious Traffic Check memory Creates executable files RWX flags setting AppData folder AntiVM_Disk sandbox evasion VM Disk Size Check Windows Exploit Browser DNS
1 8 9.4 M 56 ZeroCERT

14526 2023-03-24 18:12 creal.exe  

2120b49043ad53c0a73cbf60bc110f8e


Gen1 Emotet Generic Malware UPX Malicious Library Anti_VM Malicious Packer Admin Tool (Sysinternals etc ...) OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files
2.2 M 34 ZeroCERT

14527 2023-03-24 18:11 vbc.exe  

52960f977b511bb88664a0177320a26a


PWS .NET framework RAT Generic Malware Antivirus .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key
7.4 M 28 ZeroCERT

14528 2023-03-24 18:10 1.vbs  

8207f9bb21566a55e65885d18172fe00


Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key
5.8 2 ZeroCERT

14529 2023-03-24 18:09 98.exe  

719082dcc3c017e5b675c8b9ec74b6a1


RedLine stealer[m] UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File Browser Info Stealer FTP Client Info Stealer Buffer PE PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Collect installed applications AntiVM_Disk IP Check VM Disk Size Check installed browsers check Windows Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
3 12.6 M ZeroCERT

14530 2023-03-24 17:51 ndt5tk.exe  

9ce5895cf7087cd578519a76e9eadb7c


UPX Malicious Library PWS[m] AntiDebug AntiVM OS Processor Check PE32 PE File VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself ComputerName crashed
7.6 32 ZeroCERT

14531 2023-03-24 11:31 svchost.exe  

8ec922c7a58a8701ab481b7be9644536


Gen2 Gen1 UPX Malicious Packer PE64 PE File PDB Remote Code Execution
0.6 guest

14532 2023-03-24 09:47 vbc.exe  

b9e1bfbf09491bfb164214ce2618acb7


UPX Malicious Library PE32 PE File VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself
22 24 1 19 4.4 M 34 ZeroCERT

14533 2023-03-24 09:46 vx9.txt.ps1  

bbd04ea795c2f48efea24040f42730e6


Generic Malware Antivirus VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Cryptographic key
1.4 M 5 ZeroCERT

14534 2023-03-24 09:45 WinLoad.exe  

12a45205a6da702e56b6a07cbe162445


Gen2 Gen1 Generic Malware UPX Malicious Library Anti_VM OS Processor Check PE64 PE File VirusTotal Malware Creates executable files DNS crashed
3 2.0 M 23 ZeroCERT

14535 2023-03-24 09:45 writer.bat  

1e30daa4770b00c2e624e8a615e80282


Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges FTP Http API AntiDebug AntiVM powershell Windows utilities suspicious process WriteConsoleW Windows Trojan DNS DDNS DoTNet
6 2 6 5.8 ZeroCERT