Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-12-18 10:07	film.exe da044811ca4ac1cc04b14153dccbbf37 Themida Packer Generic Malware UPX PE32 PE File .NET EXE Lnk Format GIF Format DLL OS Processor Check ZIP Format Browser Info Stealer Malware download FTP Client Info Stealer Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency AutoRuns suspicious privilege MachineGuid Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Windows utilities Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces suspicious process AppData folder VMware anti-virtualization IP Check installed browsers check Tofsee Ransomware Windows Browser RisePro Email ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed	2 Keyword trend analysis	4	7 Info ET MALWARE [ANY.RUN] RisePro TCP (Token) ET MALWARE Suspected RisePro TCP Heartbeat Packet ET MALWARE [ANY.RUN] RisePro TCP (External IP) ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup SSL Cert Observed (ipinfo.io) ET MALWARE [ANY.RUN] RisePro TCP (Exfiltration)		17.6	M		ZeroCERT

First
1
Last
Total : 1cnts