Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
14611	2023-03-15 12:18	ark.exe 29c22ed1bf240862754610f5d54d3bda RAT UPX SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	12.4	M	37	ZeroCERT

14612	2023-03-15 12:16	.win32.exe 981041cc24cd48d16f824b344b071699 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution				2.4	M	46	ZeroCERT

14613	2023-03-15 12:16	BL-1600072563308pdf.exe 439d761548b85536d63cd8e4a8d26d8f RAT UPX SMTP KeyLogger AntiDebug AntiVM OS Processor Check PE64 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed	1 Keyword trend analysis	2	1	10.6	M	20	ZeroCERT

14614	2023-03-15 12:16	index.php 21741dcd7562d956577d753d43d38830 Generic Malware UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution				1.8	M	20	ZeroCERT

14615	2023-03-15 12:14	vbc.exe ed211c31e750d637a54acba6d2c52561 RAT SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	1 Keyword trend analysis	2	5	13.2	M	26	ZeroCERT

14616	2023-03-15 12:12	vbc.exe 955e46de4eafb7f3e96b14964694cfdf RAT UPX .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself				5.2	M	35	ZeroCERT

14617	2023-03-15 12:11	Setup.exe a1f7bd3a021e8c779ee8dab8b13aa875 NPKI RAT UPX OS Processor Check PE64 PE File VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself Windows Cryptographic key				2.2	M	21	ZeroCERT

14618	2023-03-15 12:10	87.exe 2bd999eaee31ea5fadf06fa97bb96d88 RedLine stealer[m] UPX Malicious Library AntiDebug AntiVM OS Processor Check PE32 PE File VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key crashed		2		8.6	M	27	ZeroCERT

14619	2023-03-15 12:10	pganjz.exe d07b7112b39c9eee7eaeba1adb099543 RAT Gen1 NPKI Downloader UPX Malicious Packer Malicious Library Create Service DGA Socket ScreenShot DNS SMTP Internet API Code injection PWS[m] Sniff Audio KeyLogger Escalate priviledges AntiDebug AntiVM .NET EXE PE32 PE File DLL OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware BitRAT Windows Browser Email ComputerName DNS Software keylogger Password		3	2	19.8	M	31	ZeroCERT

14620	2023-03-15 12:09	501.exe ab8f0580cc0d74e0215e7de19515c8a6 PWS .NET framework RAT Admin Tool (Sysinternals etc ...) PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself malicious URLs Ransom Message Ransomware Windows Tor Cryptographic key				11.2	M	21	ZeroCERT

14621	2023-03-15 12:07	s.exe 5aed2df2d2d32d11c3b0c5b50b3ba279 Generic Malware UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution				1.8		21	ZeroCERT

14622	2023-03-15 09:04	loader_p1_dll_64_n1_x64_inf.dl... 658f14c5d83de5e5fee5f5ae00087139 UPX OS Processor Check DLL PE64 PE File IcedID Malware download VirusTotal Malware PDB Malicious Traffic Checks debugger unpack itself Windows utilities Windows crashed		2	1	3.6	M	1	ZeroCERT

14623	2023-03-15 08:50	sample2.exe 41687e58130c8bdca248e1403e565afb Generic Malware Antivirus PE32 PE File VirusTotal Malware AutoRuns suspicious privilege Check memory Creates shortcut unpack itself AntiVM_Disk sandbox evasion Ransom Message VM Disk Size Check installed browsers check Windows Browser ComputerName				7.0		60	guest

14624	2023-03-14 17:50	vbc.exe 12d21dae453811e10d899a12a573d2c8 PWS .NET framework RAT PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder Windows	1 Keyword trend analysis	3	1	11.2		26	guest

14625	2023-03-14 17:32	xinxin.exe 1a5fed7b02d73b3589cebd2394fe7ce9 Malicious Library PE32 PE File VirusTotal Malware RWX flags setting unpack itself DNS		2		5.4	M	47	ZeroCERT