Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-11-15 07:51	audiodgse.exe a491f4dbb2e8aedd957e0f69b0562726 LokiBot .NET framework(MSIL) Socket PWS DNS AntiDebug AntiVM PE32 PE File .NET EXE Browser Info Stealer LokiBot Malware download FTP Client Info Stealer Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk suspicious TLD VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software	1 Keyword trend analysis	2	9 Info ET DNS Query for .su TLD (Soviet Union) Often Malware Related ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		12.6	M		ZeroCERT

2	2023-11-14 07:58	wininit.exe e746086f470668fe6cfc3da407fdd032 Formbook Generic Malware .NET framework(MSIL) Antivirus PWS DNS AntiDebug AntiVM PE32 PE File .NET EXE FormBook Malware download Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	6 Keyword trend analysis Info http://www.chonggonzalez.com/bp31/ http://www.zloomux.com/bp31/ http://www.chonggonzalez.com/bp31/?4hIPNx=i8xMAsplts1fVWIwWOiZyKMG3HcPF0/pv9lT+CaFwPb7cSw7ejwLK6p2kEZsPcoFVhe8fhoh&nfut_l=xPJx_6jp&sql=1 http://www.zloomux.com/bp31/?4hIPNx=vvPW/2Pd5QHeIEBGm8G0+Ony9yXqUyBfOyFfBG0rKYjwD4sgiUzqNaP2HxjG8nxDdvZI64Qs&nfut_l=xPJx_6jp&sql=1 http://www.smartagriafrica.info/bp31/?4hIPNx=OJ1wdLQJPVHT7VM7DL9mTUJRAG8pTY12NlK6t8ps5ocpXXUVXYvRwMmTQlbyJ47ya7gchoZP&nfut_l=xPJx_6jp&sql=1 http://www.smartagriafrica.info/bp31/	7	1		11.0	M		ZeroCERT

First
1
Last
Total : 2cnts