Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-10-16 11:20	fronttechnologicalprores.exe 5a0d618b0f8ed5b550a811e4b1afdf48 Lumma Gen1 Emotet Malicious Library .NET framework(MSIL) UPX Http API ScreenShot Internet API AntiDebug AntiVM PE File PE64 CAB MSOffice File PNG Format .NET EXE JPEG Format PE32 Browser Info Stealer Malware download VirusTotal Malware Cryptocurrency wallets Cryptocurrency AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Tofsee Ransomware Lumma Stealer Windows Exploit Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key crashed	3 Keyword trend analysis	5	8 Info ET INFO External IP Lookup Domain (iplogger .com in DNS lookup) ET INFO External IP Lookup Domain (iplogger .com in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration ET INFO HTTP Request to a .pw domain ET INFO TLS Handshake Failure ET MALWARE [ANY.RUN] Win32/Lumma Stealer Check-In ET DNS Query to a .pw domain - Likely Hostile	3	22.2	M	45	ZeroCERT

First
1
Last
Total : 1cnts