Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-12-11 19:52	SoftwareMeetup.exe cbf9b27a8f0e0694c727f4365776b745 Raccoon Gen1 Suspicious_Script_Bin Downloader Malicious Library UPX Malicious Packer Http API ScreenShot Escalate priviledges PWS HTTP Code injection Internet API KeyLogger Create Service Socket DGA Steal credential Hijack Network Sniff Audio DNS persiste Browser Info Stealer Malware download Malware RecordBreaker Buffer PE suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications AppData folder malicious URLs sandbox evasion WriteConsoleW installed browsers check Stealer Windows Browser ComputerName DNS crashed	9 Keyword trend analysis Info http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll http://5.42.64.45/eaf08ca3e93323672f845af593b238c0 http://5.42.64.45/ - rule_id: 38686 http://5.42.64.45/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll	2	11 Info ET MALWARE Win32/RecordBreaker CnC Checkin M1 ET MALWARE Win32/RecordBreaker CnC Checkin - Server Response ET INFO Dotted Quad Host DLL Request ET HUNTING HTTP GET Request for nss3.dll - Possible Infostealer Activity ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING HTTP GET Request for vcruntime140.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for mozglue.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for freebl3.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for softokn3.dll - Possible Infostealer Activity ET HUNTING HTTP GET Request for sqlite3.dll - Possible Infostealer Activity ET HUNTING Possible Generic Stealer Sending System Information	1	14.6	M	44	ZeroCERT

First
1
Last
Total : 1cnts