Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-03-22 17:54	clr3.exe b2c1396260a5bf7289fbd08cdb3cc96d Azorult .NET framework UltraVNC Gen AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Collect installed applications Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key Software crashed	7 Keyword trend analysis Info http://74.119.193.164:3214/ http://185.153.198.36:10202/ https://bbuseruploads.s3.amazonaws.com/17d04c6a-c1d1-40c0-985a-f0740a053130/downloads/f827393c-b39f-450b-8854-d15458efc0cd/clr.exe?Signature=iv2dAOS7O5uDtcuy6pQLlA38CIQ%3D&Expires=1616403908&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=navAx2o.B364539FO2C5fA3kQTj_uTIH&response-content-disposition=attachment%3B%20filename%3D%22clr.exe%22 https://bbuseruploads.s3.amazonaws.com/17d04c6a-c1d1-40c0-985a-f0740a053130/downloads/63bdc9c9-25c5-4481-bdd4-24e8b322c041/coohom.exe?Signature=3v5pHGYDnTWICGm2HBSijwU5Vm4%3D&Expires=1616404050&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=vbsVworim5F6JZGDNseQH1r3xUaTZ3Gj&response-content-disposition=attachment%3B%20filename%3D%22coohom.exe%22 https://bitbucket.org/mminminminmin05/testtest/downloads/clr.exe https://bitbucket.org/mminminminmin05/testtest/downloads/coohom.exe https://api.ip.sb/geoip	8	2		17.8	M	16	ZeroCERT

First
1
Last
Total : 1cnts