Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-07-19 07:33	logzx.exe 2bbe7bfa4829bf0bcdc2952b93bd9bd9 .NET framework(MSIL) SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer Malware download FTP Client Info Stealer Email Client Info Stealer Malware AgentTesla PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Windows Browser Email ComputerName DNS Cryptographic key Software crashed		3	2		11.0			ZeroCERT

2	2023-07-19 07:27	officialzx.exe f3fca96a7b2dbbd19c62c9a798e4ddb0 LokiBot .NET framework(MSIL) Socket PWS DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	1	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response		13.6			ZeroCERT

3	2023-07-19 07:25	summ.exe 221b4dce039b2a7feaa20a87cffc4dc0 AgentTesla Generic Malware .NET framework(MSIL) Antivirus KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer Email Client Info Stealer PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName Cryptographic key crashed		2	2		10.8			ZeroCERT

First
1
Last
Total : 3cnts