popup

Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14776 2023-03-09 09:45 10032b.exe  

9cb2c1a445f74bdee85086381dc80d7e


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution 		2.0 25 ZeroCERT

14777 2023-03-08 18:45 RemoteConfig.sqlite3  

00dc9f7c16006e1935b5042b9bfae851


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName 		3.4 BRY

14778 2023-03-08 18:31 AccountChooser.loctable  

7fa46218594ac176dfd14f88d6c1e633


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName 		3.4 BRY

14779 2023-03-08 17:41 vbc.exe  

f10caa63bef70662a123611402191200


RAT Generic Malware Antivirus .NET EXE PE32 PE File VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed 		1 6.2 M 27 ZeroCERT

14780 2023-03-08 17:40 setup.exe  

9926000294771eb592dd85d1b894b76e


Malicious Library PE32 PE File VirusTotal Malware WMI Creates executable files RWX flags setting Checks Bios anti-virtualization ComputerName DNS 		1 6.2 33 ZeroCERT

14781 2023-03-08 17:39 vbc.exe  

21f7fd1bf4759b63e04892f4ecbdf0e4


RAT Generic Malware Antivirus .NET EXE PE32 PE File VirusTotal Malware powershell PDB suspicious privilege Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed 		5.6 20 ZeroCERT

14782 2023-03-08 17:37 starm.exe  

3164bd50674c7af7f793631116a76e11


PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Windows 		1 2 2 4.2 24 ZeroCERT

14783 2023-03-08 17:35 g8ci.exe  

fcf17bb869c527c83eba15db716797a8


PWS .NET framework RAT UPX OS Processor Check .NET EXE PE32 PE File VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Windows 		1 2 1 3.8 3 ZeroCERT

14784 2023-03-08 17:34 unknown.exe  

f35d0d1430dcc7122751a2985e0cdfdb


PWS .NET framework RAT UPX Malicious Library Antivirus OS Processor Check .NET EXE PE32 PE File suspicious privilege MachineGuid Check memory Checks debugger unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName keylogger 		3.2 ZeroCERT

14785 2023-03-08 17:33 73cceb_69fbb28af79141d4b6bec17...  

54846ba2f55540444b2f62d30ef9cdbc


Hide_EXE PowerShell Script MZ Generic Malware Anti_VM Antivirus VirusTotal Malware powershell AutoRuns Check memory Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key 		1 4.6 M 4 ZeroCERT

14786 2023-03-08 17:30 ChatGPT.exe  

cd12cb026f70700b6d7d3122360c52e8


Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE File PE64 VirusTotal Malware 		0.6 M 11 ZeroCERT

14787 2023-03-08 17:27 Disposizioni.url  

6bbce3224d51716918724a26773d1568


AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		1 1 2 5.8 7 ZeroCERT

14788 2023-03-08 17:26 cliente.url  

361301f6ad56d5f44ed70afcbf223df0


AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed 		1 1 2 5.8 3 ZeroCERT

14789 2023-03-08 15:12 .com.apple.containermanagerd.m...  

3fba7ecce37ca2ef279bb940a79db072


AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName 		3.4 BRY

14790 2023-03-08 14:03 Documento.xls  

893f9b10a48073fc3fa0d5c8867f7200


Downloader MSOffice File VirusTotal Malware ICMP traffic RWX flags setting unpack itself suspicious process Tofsee 		1 9 2 4.8 M 43 ZeroCERT

keyword