Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14701 2023-03-17 17:50 SecurityHelath_protected.exe  

1cf38074d1eec7ff196912f6b2d8c0c1


RAT Generic Malware task schedule Malicious Packer Antivirus AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key
12.4 M 45 ZeroCERT

14702 2023-03-17 17:50 9.exe  

865f56a97781bcde44902cfe823d2f92


Generic Malware Antivirus .NET EXE PE32 PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows Discord ComputerName DNS Cryptographic key Downloader
1 2 3 10.0 M 33 ZeroCERT

14703 2023-03-17 17:39 enes.exe  

843bab6d9df36499a5880621c9fd1cd8


RAT North Korea Generic Malware task schedule UPX Antivirus ScreenShot PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File GIF Format VirusTotal Malware Buffer PE AutoRuns PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic unpack itself Windows ComputerName DNS
1 12.2 M 32 ZeroCERT

14704 2023-03-17 17:37 10.exe  

ae120eba5b9a92de898ed5533151d400


Generic Malware Antivirus .NET EXE PE32 PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows Discord ComputerName DNS Cryptographic key Downloader
1 2 3 10.0 M 33 ZeroCERT

14705 2023-03-17 17:36 vbc.exe  

52566f0ff46e8a99d07c8d4cb46b3ee8


PWS .NET framework RAT Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 1 14.8 M 25 ZeroCERT

14706 2023-03-17 17:34 RynMd_protected.exe  

d953ad5e538ade271c362c18b153a210


RAT Generic Malware Downloader task schedule Malicious Packer Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection PWS[m] Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges FTP Http API AntiDebug AntiVM .NET EXE VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key
13.4 M 48 ZeroCERT

14707 2023-03-17 17:34 Bpznb.msi  

c39fec313f716b37b80ccf946ef5cc83


RAT Malicious Library OS Processor Check CAB MSOffice File VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName DNS
8 1 3 4.0 M 4 ZeroCERT

14708 2023-03-17 17:32 5.exe  

3051107beffacf17a9b28d8328477485


Generic Malware Antivirus .NET EXE PE32 PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process Tofsee Windows Discord ComputerName DNS Cryptographic key Downloader
1 2 3 10.0 M 28 ZeroCERT

14709 2023-03-17 16:31 vbc.exe  

52566f0ff46e8a99d07c8d4cb46b3ee8


PWS .NET framework RAT Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 1 15.8 25 guest

14710 2023-03-17 10:22 wp.exe  

e6ecbd1d1be89544050d4ed5f1c276bf


PWS .NET framework RAT task schedule UPX Malicious Library AntiDebug AntiVM OS Processor Check .NET EXE PE32 PE File VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS crashed
4 3 13.6 M 31 ZeroCERT

14711 2023-03-17 10:13 vbc.exe  

1f3db8af64889c15223ed7de05b86413


PWS .NET framework RAT UPX .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself ComputerName
2.4 M 39 ZeroCERT

14712 2023-03-17 10:11 MatyWon.exe  

e01eed093c11df9172d1a70484e8f973


RedLine stealer[m] PWS .NET framework RAT RedLine Stealer Confuser .NET SMTP PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key
2 7.2 M 38 ZeroCERT

14713 2023-03-17 10:09 111.exe  

6e5c1da79c9bdb532b062567460b4f1d


Malicious Library PE32 PE File VirusTotal Malware PDB Check memory unpack itself AntiVM_Disk VM Disk Size Check Browser DNS
1 1 3.2 M 39 ZeroCERT

14714 2023-03-17 10:07 6.ocx  

ef4a2bb28bee4196a1996de11a3bbf8b


Generic Malware UPX Malicious Library VMProtect PE32 PE File VirusTotal Malware RWX flags setting unpack itself
2 5.0 M 40 ZeroCERT

14715 2023-03-17 10:04 foto0128.exe  

1a58eef2765ad5adb3ac07d0e3c1234d


Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
1 10.6 M ZeroCERT