10.2.AAkXVY.exe.32177e0.2.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.25a77c8.3.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.2596b50.5.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
9.2.MSBuild.exe.3047c50.1.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
9.2.MSBuild.exe.3047c50.1.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x7d38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x7dd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x7eea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x7690:$cnc4: POST / HTTP/1.1
|
12.0.1235.exe.e10000.0.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
12.0.1235.exe.e10000.0.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
12.0.1235.exe.e10000.0.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x9b38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x9bd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x9cea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x9490:$cnc4: POST / HTTP/1.1
|
18.2.MSBuild.exe.2eb59e8.1.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
18.2.MSBuild.exe.2eb59e8.1.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x7d38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x7dd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x7eea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x7690:$cnc4: POST / HTTP/1.1
|
11.2.456.exe.3d69d70.0.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
11.2.456.exe.3d69d70.0.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.25a77c8.3.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
9.2.MSBuild.exe.3053078.2.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
9.2.MSBuild.exe.3053078.2.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x7d38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x7dd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x7eea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x7690:$cnc4: POST / HTTP/1.1
|
18.2.MSBuild.exe.2eaa5c0.0.raw.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
18.2.MSBuild.exe.2eaa5c0.0.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
18.2.MSBuild.exe.2eaa5c0.0.raw.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x9b38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x14f60:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x9bd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x14ffd:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x9cea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x15112:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x9490:$cnc4: POST / HTTP/1.1
- 0x148b8:$cnc4: POST / HTTP/1.1
|
11.2.456.exe.7300000.1.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.67f0000.10.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
10.2.AAkXVY.exe.3206b68.0.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.67f0000.10.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
18.2.MSBuild.exe.2eaa5c0.0.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
18.2.MSBuild.exe.2eaa5c0.0.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x7d38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x7dd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x7eea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x7690:$cnc4: POST / HTTP/1.1
|
9.2.MSBuild.exe.3053078.2.raw.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
9.2.MSBuild.exe.3053078.2.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
9.2.MSBuild.exe.3053078.2.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
9.2.MSBuild.exe.3053078.2.raw.unpack | Windows_Trojan_Asyncrat_11a11ba1 | unknown | unknown | - 0x1679a:$a1: /c schtasks /create /f /sc onlogon /rl highest /tn "
- 0x19614:$a2: Stub.exe
- 0x196a4:$a2: Stub.exe
- 0x131ba:$a3: get_ActivatePong
- 0x169b2:$a4: vmware
- 0x1682a:$a5: \nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
- 0x140b5:$a6: get_SslClient
|
9.2.MSBuild.exe.3053078.2.raw.unpack | INDICATOR_SUSPICIOUS_EXE_ASEP_REG_Reverse | Detects file containing reversed ASEP Autorun registry keys | ditekSHen | - 0x1682c:$s1: nuR\noisreVtnerruC\swodniW\tfosorciM
|
9.2.MSBuild.exe.3053078.2.raw.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x19614:$s4: Stub.exe
- 0x196a4:$s4: Stub.exe
- 0x169c0:$s6: VirtualBox
- 0x16926:$s8: Win32_ComputerSystem
- 0x9b38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x9bd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x9cea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x9490:$cnc4: POST / HTTP/1.1
|
10.2.AAkXVY.exe.32177e0.2.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
10.2.AAkXVY.exe.3206b68.0.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
18.2.MSBuild.exe.2eb59e8.1.raw.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
18.2.MSBuild.exe.2eb59e8.1.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
18.2.MSBuild.exe.2eb59e8.1.raw.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x9b38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x9bd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x9cea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x9490:$cnc4: POST / HTTP/1.1
|
11.0.456.exe.9a0000.0.unpack | JoeSecurity_AsyncRAT | Yara detected AsyncRAT | Joe Security | |
11.0.456.exe.9a0000.0.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
11.0.456.exe.9a0000.0.unpack | Windows_Trojan_Asyncrat_11a11ba1 | unknown | unknown | - 0xc5be:$a1: /c schtasks /create /f /sc onlogon /rl highest /tn "
- 0xf438:$a2: Stub.exe
- 0xf4c8:$a2: Stub.exe
- 0x8fde:$a3: get_ActivatePong
- 0xc7d6:$a4: vmware
- 0xc64e:$a5: \nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
- 0x9ed9:$a6: get_SslClient
|
11.0.456.exe.9a0000.0.unpack | INDICATOR_SUSPICIOUS_EXE_ASEP_REG_Reverse | Detects file containing reversed ASEP Autorun registry keys | ditekSHen | - 0xc650:$s1: nuR\noisreVtnerruC\swodniW\tfosorciM
|
9.2.MSBuild.exe.3047c50.1.raw.unpack | JoeSecurity_XWorm | Yara detected XWorm | Joe Security | |
9.2.MSBuild.exe.3047c50.1.raw.unpack | JoeSecurity_GenericDownloader_1 | Yara detected Generic Downloader | Joe Security | |
9.2.MSBuild.exe.3047c50.1.raw.unpack | JoeSecurity_TelegramRAT | Yara detected Telegram RAT | Joe Security | |
9.2.MSBuild.exe.3047c50.1.raw.unpack | Windows_Trojan_Asyncrat_11a11ba1 | unknown | unknown | - 0x21bc2:$a1: /c schtasks /create /f /sc onlogon /rl highest /tn "
- 0x24a3c:$a2: Stub.exe
- 0x24acc:$a2: Stub.exe
- 0x1e5e2:$a3: get_ActivatePong
- 0x21dda:$a4: vmware
- 0x21c52:$a5: \nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
- 0x1f4dd:$a6: get_SslClient
|
9.2.MSBuild.exe.3047c50.1.raw.unpack | INDICATOR_SUSPICIOUS_EXE_ASEP_REG_Reverse | Detects file containing reversed ASEP Autorun registry keys | ditekSHen | - 0x21c54:$s1: nuR\noisreVtnerruC\swodniW\tfosorciM
|
9.2.MSBuild.exe.3047c50.1.raw.unpack | MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen | - 0x24a3c:$s4: Stub.exe
- 0x24acc:$s4: Stub.exe
- 0x21de8:$s6: VirtualBox
- 0x21d4e:$s8: Win32_ComputerSystem
- 0x9b38:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x14f60:$cnc1: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
- 0x9bd5:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x14ffd:$cnc2: Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
- 0x9cea:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x15112:$cnc3: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
- 0x9490:$cnc4: POST / HTTP/1.1
- 0x148b8:$cnc4: POST / HTTP/1.1
|
0.2.LFfjUMuUFU.exe.2596b50.5.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
10.2.AAkXVY.exe.31e464c.4.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
11.2.456.exe.7300000.1.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
11.2.456.exe.7364216.3.unpack | JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | |
0.2.LFfjUMuUFU.exe.2574634.1.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
11.2.456.exe.7364216.3.raw.unpack | JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | |
11.2.456.exe.7340000.2.unpack | JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | |
11.2.456.exe.7340000.2.raw.unpack | JoeSecurity_WebBrowserPassView | Yara detected WebBrowserPassView password recovery tool | Joe Security | |
10.2.AAkXVY.exe.3456d68.5.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
10.2.AAkXVY.exe.3459d98.3.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.27e6d08.4.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.27e9d38.0.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
10.2.AAkXVY.exe.3457d80.1.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |
0.2.LFfjUMuUFU.exe.27e7d20.2.raw.unpack | JoeSecurity_PureLogStealer | Yara detected PureLog Stealer | Joe Security | |