Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2021-08-21 04:29 DCRatBuild.exe  

8b9163cd83793b088066e54dfd74c62f


Gen2 RAT Gen1 Generic Malware Malicious Library Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE File OS AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Tofsee Windows ComputerName Remote Code Execution crashed keylogger
3 4 3 11.4 guest

2 2021-08-21 04:28 DCRatBuild.exe  

8b9163cd83793b088066e54dfd74c62f


Gen2 RAT Gen1 Generic Malware Malicious Library Malicious Packer AntiDebug AntiVM PE File OS Processor Check PE32 .NET EXE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Tofsee Windows ComputerName Remote Code Execution crashed keylogger
4 4 3 12.2 guest

3 2021-08-21 04:26 DCRatBuild.exe  

8b9163cd83793b088066e54dfd74c62f


Gen2 RAT Gen1 Generic Malware Malicious Library Malicious Packer AntiDebug AntiVM PE File OS Processor Check PE32 .NET EXE AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces AppData folder AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Tofsee Windows ComputerName Remote Code Execution crashed keylogger
4 4 3 12.6 guest

4 2021-08-21 04:18 DCRatBuild.exe  

8b9163cd83793b088066e54dfd74c62f


Gen2 RAT Gen1 Generic Malware Malicious Library Malicious Packer DGA DNS Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection HTTP Internet API FTP ScreenShot Http API Steal credential Downloader P2P AntiDebug AntiVM PE File OS AutoRuns PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk suspicious TLD WriteConsoleW IP Check VM Disk Size Check Tofsee Windows ComputerName Remote Code Execution crashed keylogger
2 4 3 13.0 guest

  • Total : 4cnts