Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2022-05-23 09:48	account_security_repport.exe bac340e0ffe9121b7c86294e00c22c56 RAT UPX Malicious Library Admin Tool (Sysinternals etc ...) PE32 .NET EXE PE File VirusTotal Malware PDB Check memory Checks debugger unpack itself					1.8	M	23	ZeroCERT

2	2022-04-13 11:29	QuickSetDNS.exe 209609199e47fecdd76a96dabf1f9cf5 PWS[m] RAT PWS .NET framework Malicious Library UPX Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviledges FTP Http API AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces WriteConsoleW IP Check installed browsers check Windows Browser ComputerName Trojan DNS Cryptographic key Software crashed Downloader	4 Keyword trend analysis	7	9 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Single char EXE direct download likely trojan (multiple families) ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET POLICY External IP Lookup ip-api.com ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile	2	12.2	M	35	ZeroCERT

3	2022-04-12 17:29	ddd.exe bcaaf37e0beb6717d01b175e6bc78c44 RAT Generic Malware UPX Malicious Library MPRESS PE32 .NET EXE PE File PE64 OS Processor Check Malware download VirusTotal Malware PDB MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Check virtual network interfaces Ransomware Windows DNS Cryptographic key crashed	2 Keyword trend analysis	4	5 Info ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET MALWARE CerberTear Ransomware CnC Checkin	2	6.8	M	25	ZeroCERT

4	2021-07-23 16:40	vbc.exe 4f71bce958bbbe6c82bde2df84e4d61e Generic Malware Malicious Library PE32 PE File VirusTotal Malware RWX flags setting unpack itself DNS		1			2.2	M	27	r0d

5	2021-07-23 09:34	vbc.exe 4f71bce958bbbe6c82bde2df84e4d61e PE32 PE File VirusTotal Malware RWX flags setting unpack itself					1.4	M	19	ZeroCERT

First
1
Last
Total : 5cnts