Submissions

| No | Date | Request | Hash | Tags | Urls / Hosts / IDS / Rule | Score | Zero | VT | Player | Etc |
|---|---|---|---|---|---|---|---|---|---|---|
| 14716 | 2023-03-10 10:57 | OK.exe | 26bfa45039ef6f57f026892087c9808c | PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key | 1 | 5.4 | M | 50 | | ZeroCERT |
| 14717 | 2023-03-10 10:55 | foto0113.exe | d8d0f2927c2c3b87a61894e5ade7e6c6 | Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed | 1 | 10.6 | M | | | ZeroCERT |
| 14718 | 2023-03-10 10:55 | photo_004.exe | 4c814dac9466a730cc0c3e0cea45bb6e | UPX Malicious Library OS Processor Check PE32 PE File PDB unpack itself Remote Code Execution | | 1.6 | M | | | ZeroCERT |
| 14719 | 2023-03-10 10:53 | cr7.exe | 4b1c82c70fea02a7d3466a98ac5bfd80 | PWS .NET framework RAT Generic Malware UPX Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process Windows Browser Email ComputerName DNS Cryptographic key Software crashed | 1 1 1 | 14.2 | | 14 | | ZeroCERT |
| 14720 | 2023-03-10 10:53 | microsoftedge.exe | d9e7186fb49d75774327df10b2df2dfe | UPX Downloader PE32 PE File VirusTotal Malware Checks debugger ICMP traffic unpack itself Tofsee ComputerName DNS crashed | 1 2 4 | 4.2 | M | 46 | | ZeroCERT |
| 14721 | 2023-03-10 10:52 | Recrypted.pif | 68a23c2fc62bddad0a2c6cf36003577b | Loki_b Loki_m PWS .NET framework Generic Malware task schedule UPX Antivirus ScreenShot DNS PWS[m] KeyLogger AntiDebug AntiVM OS Processor Check .NET EXE PE32 PE File Malware download NetWireRC VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process WriteConsoleW IP Check Windows RAT ComputerName Cryptographic key crashed | 1 2 2 | 10.8 | | 12 | | ZeroCERT |
| 14722 | 2023-03-10 10:51 | obinna.exe | 8ae859365952e85bec8f7ecd75d56541 | UPX Malicious Library PE32 PE File OS Processor Check Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces AppData folder IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed | 1 2 1 | 8.6 | | 22 | | ZeroCERT |
| 14723 | 2023-03-10 10:48 | vbc.exe | ad0fd8c49bd571cba00267ef88851d73 | RAT Generic Malware Antivirus SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed | | 11.0 | M | 34 | | ZeroCERT |
| 14724 | 2023-03-10 10:48 | .win32.exe | 1184127cec87d9bce7565f9499eccc69 | UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution | | 2.0 | M | 29 | | ZeroCERT |
| 14725 | 2023-03-10 07:54 | Miner.exe | 49aa025262bc86dc07774b6364c39f54 | PWS .NET framework RAT .NET EXE PE32 PE File VirusTotal Cryptocurrency Miner Malware Cryptocurrency PDB Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces Tor ComputerName DNS | 1 2 1 | 5.2 | M | 23 | | ZeroCERT |
| 14726 | 2023-03-10 07:51 | STE.exe | fde00f70af28ca030e187b4296a0d847 | Loki_b Loki_m RAT Generic Malware UPX PWS[m] AntiDebug AntiVM OS Processor Check .NET EXE PE32 PE File VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself ComputerName | | 7.2 | | 30 | | ZeroCERT |
| 14727 | 2023-03-09 18:14 | P49A1RKQbr6n5L2G.zip | 5ed137665b139baccce1abee74282b81 | ZIP Format VirusTotal Malware Report ICMP traffic DNS | 11 5 | 3.4 | | 7 | | ZeroCERT |
| 14728 | 2023-03-09 17:46 | Brav.exe | 5a26b0142d5f9a8da8dae6c0fb70ad78 | UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware Checks debugger unpack itself crashed | | 2.6 | M | 41 | | ZeroCERT |
| 14729 | 2023-03-09 17:44 | bcd4b93a1a85c5ba45a4f7e5980db1... | ae6df34a140bf74860ca3165d50d8705 | Emotet Gen2 UPX Malicious Library Malicious Packer OS Processor Check PE32 PE File DLL VirusTotal Malware Check memory buffers extracted WMI Creates executable files unpack itself AppData folder Tofsee ComputerName crashed | 3 2 1 2 | 4.6 | M | 25 | | ZeroCERT |
| 14730 | 2023-03-09 17:42 | bcd4b93a1a85c5ba45a4f7e5980db1... | a1c5f268d670ba3a4440647bdeaa3e20 | Emotet Gen2 UPX Malicious Library Malicious Packer OS Processor Check PE32 PE File DLL VirusTotal Malware Check memory buffers extracted WMI Creates executable files unpack itself AppData folder Tofsee ComputerName crashed | 3 2 1 1 | 5.0 | M | 41 | | ZeroCERT |