Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-11-27 09:38	amd.exe f4ba796f39305262e65d0ebd9d0ee33e Amadey Themida Packer Malicious Library UPX Admin Tool (Sysinternals etc ...) .NET framework(MSIL) PWS Anti_VM AntiDebug AntiVM PE32 PE File DLL OS Processor Check .NET EXE Browser Info Stealer Malware download Amadey FTP Client Info Stealer VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Checks Bios Collect installed applications Detects VirtualBox Detects VMWare Check virtual network interfaces suspicious process AppData folder WriteConsoleW VMware anti-virtualization installed browsers check SectopRAT Windows Browser Backdoor ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed Downloader	2 Keyword trend analysis	5	7 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE Arechclient2 Backdoor CnC Init ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	23.8	M	60	ZeroCERT

First
1
Last
Total : 1cnts