Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player
14791	2023-03-08 14:01	pzOEfyaZPW1OyO690Z19HEU7.dll fe1097b9754d8e3c54c7f54c68c4dabd Malicious Library Malicious Packer DLL PE File PE64 VirusTotal Malware Check memory Checks debugger unpack itself suspicious process sandbox evasion Remote Code Execution					4.2		22	ZeroCERT

14792	2023-03-08 14:01	X8099607585O.xls 6493581b246b731e4937fbee64a68803 Downloader ScreenShot PWS[m] KeyLogger AntiDebug AntiVM MSOffice File VirusTotal Malware Code Injection unpack itself					3.2		40	ZeroCERT

14793	2023-03-08 11:20	clip64.dll 3d8d9e5e16ff723493d7a4399647df50 UPX Malicious Library Admin Tool (Sysinternals etc ...) OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself					2.0	M	54	ZeroCERT

14794	2023-03-08 11:18	handdiy_2.exe c40e098b934dd5baaff26717530d6d4d Gen2 Trojan_PWS_Stealer Credential User Data Generic Malware UPX Malicious Library Malicious Packer SQLite Cookie Anti_VM OS Processor Check PE32 PE File PNG Format Browser Info Stealer VirusTotal Malware suspicious privilege MachineGuid Code Injection Checks debugger WMI Creates executable files ICMP traffic exploit crash Windows utilities suspicious process WriteConsoleW installed browsers check Tofsee Windows Exploit Browser ComputerName Remote Code Execution DNS crashed	1 Keyword trend analysis	4	5		10.2	M	48	ZeroCERT

14795	2023-03-08 11:18	nigga.exe 01d648ecf27b3e9a6415af8fab167ac9 PE32 PE File VirusTotal Malware unpack itself crashed					1.6	M	37	ZeroCERT

14796	2023-03-08 11:16	vbc.exe d218c65b01376996973170a38e0ec238 RAT .NET EXE PE32 PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself					5.8	M	32	ZeroCERT

14797	2023-03-08 11:16	photo_003.exe 0e598ae27453b8349302a232a8fa3c8d UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution					2.4	M	25	ZeroCERT

14798	2023-03-08 11:14	vbc.exe 4885682f23a3e4d30f36031e374829a9 Loki Loki_b Loki_m RAT Socket DNS PWS[m] AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	1	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	14.0	M	38	ZeroCERT

14799	2023-03-08 11:13	10032b.exe 906f7577992ba49c57c8e1e4f345b9fd UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution					2.4		28	ZeroCERT

14800	2023-03-08 11:12	rhh.exe 6426a9c12a40aad907b96837a487e988 RAT UPX Malicious Library ScreenShot AntiDebug AntiVM OS Processor Check PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency Buffer PE Code Injection Check memory buffers extracted unpack itself Ransomware Browser ComputerName DNS Software	2 Keyword trend analysis	1	2		10.6	M	41	ZeroCERT

14801	2023-03-08 11:12	vbc.exe 4560193b469fba0faadbd79d31a9a499 PWS .NET framework RAT Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM OS Processor Check .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself suspicious process Windows Browser Email ComputerName Cryptographic key Software crashed					13.0	M	40	ZeroCERT

14802	2023-03-08 11:09	ss25.exe 48f4f6461f03606000016cee556bab4f Gen2 Gen1 UPX Malicious Library Malicious Packer PE File PE64 VirusTotal Malware PDB Remote Code Execution					1.4	M	16	ZeroCERT

14803	2023-03-08 11:09	vbc.exe 4367a4092b69619685efc9aae101ab6c RAT SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Browser Email ComputerName Cryptographic key Software crashed					12.6	M	33	ZeroCERT

14804	2023-03-08 11:09	New1.exe 0492a562ceee12e6db78b77aa191e267 UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware Buffer PE PDB Checks debugger buffers extracted unpack itself sandbox evasion ComputerName		1			4.2	M	35	ZeroCERT

14805	2023-03-08 11:07	cred64.dll d4175d9293f11ba1b93acceaccc246f6 Ave Maria WARZONE RAT UPX Malicious Library OS Processor Check DLL PE File PE64 VirusTotal Malware PDB Checks debugger installed browsers check Browser ComputerName crashed					2.4	M	48	ZeroCERT