Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
7606	2023-07-25 16:52	clip64.dll 2392b231cf4a80739b5cb09bf808127d Amadey UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Checks debugger unpack itself				2.0	M	60	r0d

7607	2023-07-25 16:55	clip64.dll 358ddcec1819198ecad04ef86899feaa Amadey UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE File PE32 VirusTotal Malware PDB Checks debugger unpack itself				2.0	M	59	r0d

7608	2023-07-25 17:22	1.exe df53bb96de4749ce780bf8b939dc2cd5 RedLine stealer UPX Malicious Library AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications Check virtual network interfaces WriteConsoleW installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	3	4	13.4	M	41	r0d

7609	2023-07-25 18:49	crypt_se.exe bca2197eefdb2e06f4b9cf01f1d3e291 UPX Malicious Library PWS SMTP AntiDebug AntiVM OS Processor Check PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI unpack itself Collect installed applications WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	1	12.0	M	27	ZeroCERT

7610	2023-07-25 18:49	ssltdzx.exe dd2d413bc603305444c816d1cf84e2b6 AgentTesla UPX .NET framework(MSIL) KeyLogger AntiDebug AntiVM OS Processor Check .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Cryptographic key Software crashed		2	2	11.8	M	51	ZeroCERT

7611	2023-07-25 19:01	dewrww7a1z.exe 171411305a3172ab22696c63e445ef64 RedLine stealer RedLine Infostealer RedlineStealer UPX Malicious Library .NET framework(MSIL) Confuser .NET PWS AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		3	1	15.2	M		ZeroCERT

7612	2023-07-25 19:17	heaoyam78.exe 48761f8b0576e7bed627120ff51b4863 Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE File PE32 PE64 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications Check virtual network interfaces installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	2	8 Info ET MALWARE RedLine Stealer TCP CnC net.tcp Init ET MALWARE Redline Stealer TCP CnC Activity ET MALWARE Redline Stealer TCP CnC - Id1Response ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response	9.6	M	25	ZeroCERT

7613	2023-07-25 19:46	build.exe e71ef2f3f2cd8205edd79c5befa2f36a Generic Malware UPX Malicious Library Malicious Packer OS Processor Check PE64 PE File VirusTotal Malware crashed				1.4	M	52	ZeroCERT

7614	2023-07-26 07:45	franktraff.exe 3af762123fb3e732ba82d565b90da272 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key crashed		1	1	5.4		39	ZeroCERT

7615	2023-07-26 07:45	kkkk.exe 9139f048f1e79aa4b85629c03ecd1c77 RedLine Infostealer RedLine stealer UPX .NET framework(MSIL) Confuser .NET OS Processor Check .NET EXE PE File PE32 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Collect installed applications installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		1	3	6.2	M	47	ZeroCERT

7616	2023-07-26 07:47	calc.exe ca3048f3c3dfc5345968cbfed67cf23d UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6		29	ZeroCERT

7617	2023-07-26 07:49	bobbyzx.exe 4c393a4ddc1b9e6307bc172e071d88b7 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6	M	29	ZeroCERT

7618	2023-07-26 07:51	sw9u9z1xm9z43h.exe 9b90639e6d0fe5ca34c15011adc922b1 RedLine stealer RedLine Infostealer RedlineStealer UPX Malicious Library .NET framework(MSIL) Confuser .NET PWS AntiDebug AntiVM OS Processor Check PE File PE32 .NET EXE Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed		2	3	14.4	M	43	ZeroCERT

7619	2023-07-26 07:54	ChromeSetup.exe 22866422e864635234b55a5d84fae10c NSIS UPX Malicious Library PE File PE32 OS Processor Check DLL FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself AppData folder	2 Keyword trend analysis	5	1	5.2	M	30	ZeroCERT

7620	2023-07-26 07:54	file.exe cae4ece4402014c0e2527c2a277c6e04 UPX Malicious Library OS Processor Check PE File PE32 VirusTotal Malware unpack itself				1.6	M	25	ZeroCERT