Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2022-05-23 07:57	vbc.exe 81f0d93bbb38afd671f419fa8bb1d80a PWS[m] RAT PWS .NET framework UPX SMTP KeyLogger AntiDebug AntiVM PE32 OS Processor Check .NET EXE PE File VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName Cryptographic key crashed					9.6	M	40	ZeroCERT

2	2022-05-20 17:39	smss.exe 0e69f6e65c1499ec9529d74f53bfe8d0 Loki PWS[m] PWS Loki[b] Loki.m RAT .NET framework UPX Socket DNS AntiDebug AntiVM PE32 OS Processor Check .NET EXE PE File Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	9 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response ET DNS Query for .su TLD (Soviet Union) Often Malware Related	1	13.4	M	14	ZeroCERT

First
1
Last
Total : 2cnts