Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14536 2023-03-24 09:44 1.exe  

7429ee8b83fcbb48fe5b383a6235ac1d


UPX Malicious Library MZP Format PE32 PE File VirusTotal Malware AutoRuns MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces Tofsee Windows
8 12 2 4 6.2 M 34 ZeroCERT

14537 2023-03-24 09:39 LitPay.exe  

3951f8ad7e0e7682fc0d9d13c9a503c5


Gen1 Emotet UPX Malicious Library CAB PE64 PE File .NET EXE PE32 VirusTotal Malware AutoRuns PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself AppData folder Windows Remote Code Execution Cryptographic key crashed
4.6 23 ZeroCERT

14538 2023-03-24 09:39 vvd.exe  

ddae367e828d169834f7261f3cba74d2


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS
1 2.4 M 21 ZeroCERT

14539 2023-03-24 09:37 vbc.exe  

7ff571e8d43bdefd4fb9ca3177dfbc7e


PWS .NET framework RAT Generic Malware Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed
12.6 M 29 ZeroCERT

14540 2023-03-24 09:37 vbc.exe  

953f34884877d4946480bb967d355f69


PWS .NET framework RAT AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself
10 11 3 8.4 M 19 ZeroCERT

14541 2023-03-24 09:37 85...............................  

c3e8b482ed3986690fcdc9cbab9a0b7f


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash Windows Exploit DNS crashed Downloader
1 7 4.4 M 27 ZeroCERT

14542 2023-03-24 09:34 vbc.exe  

8301d3d1a602b5aa7e72a57fb20d1a57


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself
2.4 M 37 ZeroCERT

14543 2023-03-24 09:34 b.pif  

424811420bb77c6b2aeee8fd5fd651e0


PWS .NET framework RAT Generic Malware Antivirus SMTP PWS[m] KeyLogger PDF AntiDebug AntiVM .NET EXE PE32 PE File ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk sandbox evasion WriteConsoleW IP Check VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
7 3 6 1 20.2 M 20 ZeroCERT

14544 2023-03-24 09:34 1.vbs  

670a6c9ab0f89a768738fe10a8b06982


Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process WriteConsoleW Windows ComputerName Cryptographic key
5.8 1 ZeroCERT

14545 2023-03-24 08:41 presetbodyqualitydebris.hbaked...  

3627dcbbcd0be2ce4f53d3e05c77d9eb


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 guest

14546 2023-03-23 18:47 INV.exe  

d826f8c8edb9b4eea8ee18fa75572490


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself suspicious TLD DNS
24 25 4 4.6 M 29 ZeroCERT

14547 2023-03-23 18:45 ss47.exe  

44d59cf2b7e4700b703e95eaa7fdbdc7


UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File Browser Info Stealer VirusTotal Malware PDB MachineGuid Malicious Traffic buffers extracted unpack itself Check virtual network interfaces Tofsee Browser Remote Code Execution
5 6 2 5.2 M 17 ZeroCERT

14548 2023-03-23 18:39 ComPlusMethone.exe  

cf52142e72a8cae6f9f667b19d098459


PWS .NET framework RAT Anti_VM Malicious Packer .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself
4.4 M 29 ZeroCERT

14549 2023-03-23 18:39 NetSySCLI.exe  

367030209dfe9a7f1631b8edad37cfa3


PE64 PE File VirusTotal Malware DNS
1 3.0 M 57 ZeroCERT

14550 2023-03-23 18:33 A1.exe  

f45a24c4f95ebc9c77e61344b65872f2


RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself DNS
1 2.6 M 54 ZeroCERT