Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14551 2023-03-23 18:31 cipher.exe  

a1a1af51bcab4d2f25637f6aa32ab493


RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted WMI ICMP traffic unpack itself Check virtual network interfaces IP Check Tofsee Windows Discord ComputerName DNS
2 6 4 8.6 M 44 ZeroCERT

14552 2023-03-23 18:30 fotocr.exe  

86b64b82769fd641a3664ee102cd2f60


UPX Malicious Library OS Processor Check PE32 PE File PDB unpack itself Remote Code Execution
1.2 M ZeroCERT

14553 2023-03-23 18:29 ConPtyShell.exe  

ce43d05a16369e03f1ee9e997bce44f6


RAT UPX Malicious Packer Antivirus .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself DNS
1 2.4 M 36 ZeroCERT

14554 2023-03-23 18:28 NRATNew.exe  

ca6a4db4964f4475bed525178ad92f0c


RAT Malicious Packer .NET EXE PE32 PE File GIF Format VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself AppData folder Windows ComputerName Cryptographic key keylogger
2 7.6 M 52 ZeroCERT

14555 2023-03-23 18:27 creal.exe  

2120b49043ad53c0a73cbf60bc110f8e


Gen1 Emotet Generic Malware UPX Malicious Library Anti_VM Malicious Packer Admin Tool (Sysinternals etc ...) OS Processor Check PE64 PE File DLL ZIP Format VirusTotal Malware Check memory Creates executable files
2.0 23 ZeroCERT

14556 2023-03-23 18:27 nettaskcipher.exe  

64557121d459383777f4c4f5c611e59b


RAT Generic Malware UPX Antivirus OS Processor Check .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Tofsee Windows ComputerName DNS Cryptographic key
2 6 3 10.6 M 53 ZeroCERT

14557 2023-03-23 18:25 g02.exe  

9f488e91936c3e39d4c8d9923d067cf6


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
1.4 6 ZeroCERT

14558 2023-03-23 18:24 rumf61h.exe  

0fba69e599437eb61d2abc86569621be


RedLine stealer[m] UPX Malicious Library Malicious Packer AntiDebug AntiVM OS Processor Check PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Windows Browser ComputerName DNS Cryptographic key Software crashed
1 10.0 50 ZeroCERT

14559 2023-03-23 15:26 Pass_1234_Setup.rar  

37262ca3a1d563877f4324ee75b6facb


PWS[m] KeyLogger Escalate priviledges AntiDebug AntiVM Malware download Malware RecordBreaker suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Stealer Windows DNS
10 1 5 3.8 ZeroCERT

14560 2023-03-23 13:30 vbc.exe  

d26e9a9ca834081f9decb5cdb0c10065


PWS .NET framework RAT Generic Malware Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
1 2 5 15.0 M 36 ZeroCERT

14561 2023-03-23 13:27 19...............................  

8be240ea9814810a1c8a8754595b28b5


MS_RTF_Obfuscation_Objects RTF File doc Malware download VirusTotal Malware Malicious Traffic RWX flags setting exploit crash IP Check Windows Exploit DNS DDNS crashed keylogger Downloader
2 4 12 5.4 M 31 ZeroCERT

14562 2023-03-23 13:25 Firefox1.exe  

77d8ff584c4a6be6e927107aa7aa813b


Malicious Library PE32 PE File VirusTotal Malware PDB Check memory unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Browser DNS
1 1 3.8 M 47 ZeroCERT

14563 2023-03-23 13:24 vbc.exe  

92be4d14e97f691d1a23454035deca30


UPX Malicious Library PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself
22 24 2 17 4.4 M 34 ZeroCERT

14564 2023-03-23 13:23 vbc.exe  

047f4584d2662d20bbb4c7b48cb1523a


PWS .NET framework RAT Hide_EXE SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 1 13.0 M 32 ZeroCERT

14565 2023-03-23 13:20 unknown.exe  

ab2185234d407de7d8d03041e7c3a488


RAT UPX Malicious Library Antivirus OS Processor Check .NET EXE PE32 PE File suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName keylogger
3.2 M ZeroCERT