Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
14836	2023-03-07 09:53	vbc.exe fc7405792929990276c6c16585272006 PWS .NET framework RAT UPX .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key				5.8	M	36	ZeroCERT

14837	2023-03-07 09:53	renamethis.txt.ps1 ecb48560211841c38e3c2275d42c6f3f Generic Malware Antivirus VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW Tofsee Windows ComputerName Cryptographic key	2 Keyword trend analysis	2	1	9.0		13	ZeroCERT

14838	2023-03-07 09:51	kdnfkjs.sfx.exe a8a6182341c07e476d3b2e4ae24fbb14 RAT Confuser .NET UPX AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself				6.6	M	47	ZeroCERT

14839	2023-03-07 09:49	cronoupdater.exe f86b847a4d6112ee7e79510353e3a001 RAT UPX Admin Tool (Sysinternals etc ...) .NET EXE PE File PE32 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder Windows ComputerName	3 Keyword trend analysis	2	4	9.4	M	35	ZeroCERT

14840	2023-03-07 09:48	svc.exe 60b55a03146e3388672a9578fa5626a9 Malicious Library UPX OS Processor Check PE File PE32 VirusTotal Malware unpack itself				2.0	M	51	ZeroCERT

14841	2023-03-07 09:47	btc.exe 82f5467cabc16c8d60c5562457a98aa6 PWS[m] PWS .NET framework RAT Emotet Generic Malware UPX Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Check virtual network interfaces suspicious process IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	3	5	15.8	M	7	ZeroCERT

14842	2023-03-07 09:47	Bt1_soft.exe cc290b4105ef5a94aba6d767c8bbc2de Generic Malware UPX PE File PE64 VirusTotal Malware unpack itself Windows Remote Code Execution crashed				3.0	M	31	ZeroCERT

14843	2023-03-07 09:43	vbc.exe a28b0660ea0c24b2e6b4aa9f0049cd93 RAT Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed				14.4	M	33	ZeroCERT

14844	2023-03-07 07:47	1234321.exe 526e66348d684c4f6cbf2b5c7defe69a PWS[m] RedLine stealer[m] Downloader Malicious Library UPX WinRAR Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges FTP Http API AntiDebug AntiVM OS Processor Check PE VirusTotal Malware Buffer PE PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities AppData folder WriteConsoleW Windows Remote Code Execution DNS Cryptographic key crashed		1		12.2	M	43	ZeroCERT

14845	2023-03-06 17:56	os.exe a18b95c829a40237ff0e7fc93aeb641b RAT Gen1 Emotet Gen2 Generic Malware Malicious Library UPX Admin Tool (Sysinternals etc ...) Malicious Packer Anti_VM OS Processor Check .NET EXE PE File PE32 DLL PE64 VirusTotal Malware PDB Check memory Checks debugger Creates executable files unpack itself AppData folder				3.4	M	27	ZeroCERT

14846	2023-03-06 17:51	rlmp32wlve.dll ab947bfaa5ae4bff95661edd82950478 DLL PE File PE32 Malware download Malware Malicious Traffic Checks debugger unpack itself ComputerName crashed	2 Keyword trend analysis	2	1	4.0			ZeroCERT

14847	2023-03-06 15:58	kuconfig.ovpn cf993cb93b53d9c7570731d23a8423cf AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName DNS		1		4.0			BRY

14848	2023-03-06 11:38	vbaProject.bin 6758dff1e94cab62cb39e0457e5bc1b0 PWS[m] VBA_macro Generic Malware Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.2		36	guest

14849	2023-03-06 11:35	.rels 77bf61733a633ea617a4db76ef769a4d AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed				3.8			guest

14850	2023-03-06 11:35	.rels 77bf61733a633ea617a4db76ef769a4d PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			2	4.8			guest