Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14851 2023-03-16 09:04 extracted_at_0x1d0ce.rtf  

1e91c0e2616bba5aab72ef3813ba97a1


MS_RTF_Obfuscation_Objects VirusTotal Malware unpack itself
1.2 2 guest

14852 2023-03-16 07:59 PXN5J  

27c6e6bc4b46148fb4dcc6a6a9346914


UPX Malicious Library Malicious Packer OS Processor Check DLL PE64 PE File VirusTotal Malware Report Checks debugger unpack itself suspicious process sandbox evasion human activity check ComputerName Remote Code Execution DNS
7 4 6.6 M 10 ZeroCERT

14853 2023-03-16 07:47 Ses8712iGR8du  

bfc060937dc90b273eccb6825145f298


UPX Malicious Library Malicious Packer OS Processor Check DLL PE64 PE File VirusTotal Malware Report Checks debugger unpack itself suspicious process sandbox evasion ComputerName Remote Code Execution DNS
9 5 6.0 9 ZeroCERT

14854 2023-03-15 16:35 AnyDesk.exe  

33614c059849aaeacaa68422b11a9795


Gen2 Emotet Generic Malware UPX Malicious Library Malicious Packer ASPack Antivirus OS Processor Check CAB MSOffice File PE32 PE File VirusTotal Malware Check memory unpack itself WriteConsoleW Windows Remote Code Execution Cryptographic key
2.6 36 ZeroCERT

14855 2023-03-15 15:13 file.zip  

e2dbdc78e35b9e2a41fb7a966ddf02dc


ZIP Format VirusTotal Malware
2 2 1.2 M 22 ZeroCERT

14856 2023-03-15 13:21 aEYnbsDbnQ.zip  

f4bc186107b74715370913c7c37e3e40


ZIP Format Report DNS
6 3 2.2 ZeroCERT

14857 2023-03-15 12:25 foto0120.exe  

70edc98674c7ea3fe7070ae75d2a5a2a


Gen1 Emotet UPX Malicious Library CAB PE32 PE File Browser Info Stealer FTP Client Info Stealer AutoRuns PDB suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Disables Windows Security Collect installed applications AntiVM_Disk VM Disk Size Check installed browsers check Windows Update Browser ComputerName Remote Code Execution DNS Cryptographic key Software crashed
1 10.6 M ZeroCERT

14858 2023-03-15 12:24 vbc.exe  

184ebe4739ba99e9a464b7e1dd553a62


RAT SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
1 2 5 12.2 M 24 ZeroCERT

14859 2023-03-15 12:20 photo_004.exe  

cdede5029e973ba3810d42bc63892d27


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution
1.8 M 21 ZeroCERT

14860 2023-03-15 12:18 ark.exe  

29c22ed1bf240862754610f5d54d3bda


RAT UPX SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 1 12.4 M 37 ZeroCERT

14861 2023-03-15 12:16 .win32.exe  

981041cc24cd48d16f824b344b071699


UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware PDB unpack itself Remote Code Execution
2.4 M 46 ZeroCERT

14862 2023-03-15 12:16 BL-1600072563308pdf.exe  

439d761548b85536d63cd8e4a8d26d8f


RAT UPX SMTP KeyLogger AntiDebug AntiVM OS Processor Check PE64 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 1 10.6 M 20 ZeroCERT

14863 2023-03-15 12:16 index.php  

21741dcd7562d956577d753d43d38830


Generic Malware UPX Malicious Library OS Processor Check PE32 PE File VirusTotal Malware unpack itself Remote Code Execution
1.8 M 20 ZeroCERT

14864 2023-03-15 12:14 vbc.exe  

ed211c31e750d637a54acba6d2c52561


RAT SMTP PWS[m] KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger
1 2 5 13.2 M 26 ZeroCERT

14865 2023-03-15 12:12 vbc.exe  

955e46de4eafb7f3e96b14964694cfdf


RAT UPX .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself
5.2 M 35 ZeroCERT