Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.15 01:11
마이다스그룹, ‘AI 기반 면접 가이드’...
11.15 01:11
Chinese Data Center Fi...
11.15 01:11
한국이엔티씨, 2024년 고용노동부 주관...
11.15 12:11
Nebraskan Farmers Were...
11.15 12:11
휘틀, 4L 대용량 음식물처리기 ‘더슬림...
11.15 12:11
깨끗한나라 '디어스킨' 올리브영 관악타운...
11.15 12:11
모카시스템, '2024 도시·지역혁신대상...
11.15 12:11
전략 RPG ‘리메멘토–하얀 그림자’ C...
11.15 12:11
케이스티파이(CASETiFY), 5층 규...
11.15 11:11
2024-11-14 - Raspberry...

Summary | ZeroBOX

rev 0B744B7667EF335CB32CEA7A9E4FFC02.txt

RedLine stealer Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library Anti_VM OS Processor Check

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 11, 2023, 4 a.m.	Aug. 11, 2023, 4 a.m.

Size	96.1MB
Type	data
MD5	`d355dd22f9d71b1b9bce9b03771c7f26`
SHA256	`56c504a737ab28a59e8406e99bc5ef9d9ad54251cd34de44c47363896e2fe9e4`
CRC32	`35270462`
ssdeep	`1572864:vN/bNnHSSLmyNHQgAb+k8m585ifjGVZ2dalm1offZb4UH+dsLeWQkDf6i/y6Dmsg:U`
Yara	OS_Processor_Check_Zero - OS Processor Check anti_vm_detect - Possibly employs anti-virtualization techniques Malicious_Library_Zero - Malicious_Library RedLine_Stealer_b_Zero - RedLine stealer Admin_Tool_IN_Zero - Admin Tool Sysinternals Generic_Malware_Zero - Generic Malware

wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\test22\AppData\Local\Temp\rev 0B744B7667EF335CB32CEA7A9E4FFC02.txt.js"
2672

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

No signatures