Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-08-13 10:02	xds.exe 9192c2363847689ba2d28c05c4c04c6c RAT PWS .NET framework Generic Malware .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee Windows DNS Cryptographic key crashed	1 Keyword trend analysis	3	1		6.6	M	31	ZeroCERT

2	2021-08-13 09:55	sww.exe c7ece25f5f2bec6d7287b7a531e14d44 RAT PWS .NET framework Generic Malware AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee Windows DNS Cryptographic key crashed	7 Keyword trend analysis Info http://www.thingstodoindunedin.com/niot/ http://www.thingstodoindunedin.com/niot/?EZU4Dv=48uOoX6Wc2hsKvIrOtn0ApaRaENJVHQfIumx6wM4fMbKLWvSbJa5dB449gGtDQ00apEQBZxS&DzrLW=VBZHTpkXnd1TKz http://www.gardencitybmt.com/niot/ http://www.finanzasparamamas.com/niot/ http://www.gardencitybmt.com/niot/?EZU4Dv=ZaqbUaYvDjuGQr0EDqqcWZh9vPIpKnCjn6oCX8HmduoUF/2PWdF8sZmlygdtdl7q61ZcKLMo&DzrLW=VBZHTpkXnd1TKz http://www.finanzasparamamas.com/niot/?EZU4Dv=YkTW+uzHL3SLBgk98Yosihv/KnE1sA5ZUP1MhCVnb/WzKuMtU2Nje3FBoHkkeJnSDHuX0U/l&DzrLW=VBZHTpkXnd1TKz https://www.bing.com/	14 Info www.google.com(172.217.175.68) www.brandygbco.space(91.215.152.214) www.coyoyi.com(127.0.0.1) www.gogetdental.com() www.everyonecpr.com() www.saferennahan.info() www.gardencitybmt.com(198.185.159.145) www.thingstodoindunedin.com(198.185.159.145) www.finanzasparamamas.com(104.16.13.194) 198.49.23.145 - mailcious 142.250.204.132 13.107.21.200 104.16.16.194 - mailcious 91.215.152.214	2		13.2		26	ZeroCERT

3	2021-08-13 09:53	sa.exe d32c07f78a2d47bd5b916231eae4e322 RAT PWS .NET framework Generic Malware AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces AppData folder Tofsee Windows DNS Cryptographic key crashed	4 Keyword trend analysis Info http://www.kemal.cloud/glgd/?bl=jk4VpCF5xdpBDNcbSqsqgBgwF6YcP4kaSOYLmBmtlVdMnJSVXFYCGxGvNq3dPEwe6EUIg0zq&Rx=8pdTb4gHinL0bf http://www.rbhealthy.com/glgd/?bl=kR8gmaZqMogH8CiUuJYgQcfwl5N31iCbhe58//cToFgt6foWGXoMvouW9NVpWQhogq8/M5Y/&Rx=8pdTb4gHinL0bf http://www.uniquelypotted.com/glgd/?bl=V9IxTD1L2pbNugnzWnDipJso32tnejGJlJNh1IVIAa1aPYJ6KBCtXWw1B+PcSxzlCdhuOnbd&Rx=8pdTb4gHinL0bf https://www.bing.com/	9	4		14.0		22	ZeroCERT

4	2021-08-11 09:38	h.exe fff2931f6150ad787d2bd6c951019d0b PWS Loki[b] Loki[m] RAT .NET framework Gen1 Gen2 Generic Malware UPX Malicious Packer Malicious Library DNS Socket KeyLogger HTTP Internet API ScreenShot Http API AntiDebug AntiVM .NET EXE PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW anti-virtualization installed browsers check Tofsee Windows Browser Email ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	4	3		20.6	M	23	ZeroCERT

First
1
Last
Total : 4cnts