Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-09-28 16:16	lv.exe 990be1512e2d246835b3655ee103bf78 Gen1 Emotet Gen2 Themida Packer Generic Malware Malicious Library Anti_VM Malicious Packer PE File PE32 DLL PE64 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check Windows crashed		1			6.2	M	26	ZeroCERT

2	2021-07-09 10:02	lv.exe 1a784d7b62002cba21a58bdaaa93ab5f Raccoon Stealer Gen1 Gen2 Malicious Library PE32 PE File OS Processor Check DLL VirusTotal Malware Check memory Creates executable files unpack itself AppData folder Windows crashed					3.6		43	ZeroCERT

3	2021-07-03 09:23	lv.exe 35b76b8187301dece290bd83c7a3a5e3 Gen1 Gen2 UPX Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 DLL VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS		11 Info aus.thunderbird.net(99.86.202.125) aus5.mozilla.org(35.244.181.201) d2js2viceajwla.cloudfront.net(99.86.202.75) WYEnXVSECgshKtHcubAXXu.WYEnXVSECgshKtHcubAXXu() prod.balrog.prod.cloudops.mozgcp.net(35.244.181.201) 99.86.144.61 99.86.144.100 35.244.181.201 99.86.202.75 99.86.144.82 99.86.144.46			7.6		34	ZeroCERT

4	2021-06-22 09:19	lv.exe 25d8cefcd47eafa6fe575b02c3c65bcc Gen1 Gen2 Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 DLL OS P VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS crashed		1			9.0		39	ZeroCERT

5	2021-06-21 17:24	lv.exe 72eabb4aebfc3d4efd52b64d04847747 Gen1 Gen2 Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 DLL OS P VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows crashed		1			8.4		32	ZeroCERT

First
1
Last
Total : 5cnts