Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2022-01-16 22:45	gb4.exe aa2184d98996d344d28729d7298e066d PWS Loki[b] Loki.m RAT .NET framework Generic Malware TEST Socket DNS AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	3			13.6	M	24	ZeroCERT

2	2021-08-12 11:00	edi.exe 586f79d31e3b60f3737c247810e56612 NPKI Gen1 Generic Malware UPX Malicious Packer Malicious Library Antivirus ScreenShot AntiDebug AntiVM .NET EXE PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer NetWireRC VirusTotal Email Client Info Stealer Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files ICMP traffic unpack itself suspicious process AppData folder WriteConsoleW Ransomware BitRAT Windows Browser Email ComputerName Cryptographic key Software crashed keylogger Password		5	3		24.4	M	20	ZeroCERT

3	2021-08-11 18:57	edi.exe 537d313f3dfe75d7a9d4f36f80cce049 Gen1 NPKI Generic Malware UPX Malicious Packer Malicious Library Antivirus ScreenShot AntiDebug AntiVM .NET EXE PE File PE32 DLL OS Processor Check Browser Info Stealer Malware download FTP Client Info Stealer NetWireRC VirusTotal Email Client Info Stealer Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files ICMP traffic unpack itself suspicious process AppData folder WriteConsoleW Ransomware BitRAT Windows Browser Email ComputerName Cryptographic key Software crashed keylogger Password		5	3		24.4	M	23	ZeroCERT

4	2021-08-05 17:41	edi.exe 6a1e010d4b1a7f82ebf0dd330155fe77 AgentTesla RAT browser info stealer Generic Malware Google Chrome User Data UPX Antivirus ScreenShot Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM .NET EXE PE File PE32 PNG Format MSOffice File Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check installed browsers check Tofsee Windows Browser Email ComputerName DNS Cryptographic key crashed keylogger	1 Keyword trend analysis	6	3		17.4		10	ZeroCERT

First
1
Last
Total : 4cnts