Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-10-02 08:49	chinazx.exe 9d5e7753334bb508fb29a34122099524 LokiBot UPX .NET framework(MSIL) Socket PWS DNS AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk suspicious TLD VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	2	9 Info ET DNS Query to a .top domain - Likely Hostile ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP Request to a .top domain ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2		14.0	M	49	ZeroCERT

2	2023-09-30 13:38	rankobazx.exe 4849feb37691a61269212d9d323e6f79 UPX .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger unpack itself					5.4	M	37	ZeroCERT

3	2023-09-30 13:36	audiodg.exe d8f6b1d6c8b4210fec0826280dccf0fa UPX .NET framework(MSIL) PE File PE32 .NET EXE VirusTotal Malware PDB Check memory Checks debugger unpack itself					2.6	M	46	ZeroCERT

First
1
Last
Total : 3cnts