Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-08-02 17:09	taskmaskamd.exe 89e9bc7a5d97370a0f4a35041a54a696 Amadey Themida Packer UPX Malicious Library MPRESS Admin Tool (Sysinternals etc ...) PWS SMTP AntiDebug AntiVM PE File PE32 PE64 OS Processor Check JPEG Format Browser Info Stealer RedLine Malware download Amadey FTP Client Info Stealer VirusTotal Malware Microsoft Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files RWX flags setting unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder WriteConsoleW human activity check installed browsers check Tofsee Stealer Windows Browser ComputerName DNS Cryptographic key Software crashed	6 Keyword trend analysis	6	12 Info ET MALWARE Amadey CnC Check-In ET MALWARE Win32/Amadey Bot Activity (POST) M2 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 ET INFO Microsoft net.tcp Connection Initialization Activity ET MALWARE [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) ET INFO Packed Executable Download SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE Amadey Bot Activity (POST) M1	2	20.6	M	47	ZeroCERT

First
1
Last
Total : 1cnts