Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-03-19 15:59	scan.exe 2a2790604ae0958c5652bb32d01c0219 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed					10.4	M	22	ZeroCERT

2	2021-03-19 15:00	ddd.exe 2ca2406431fbaf5befbf0de21509debe Azorult .NET framework Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		14.0	M	39	ZeroCERT

3	2021-03-18 18:12	saber.exe 9be7ceaf74ddf6accd91f06b7ae99c76 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed					11.2	M	22	ZeroCERT

4	2021-03-18 18:07	mym.exe 85a5e803660d58518f411d6e9d6c87a4 Azorult .NET framework ftp Client info stealer email stealer Win Trojan agentTesla browser Google Chrome User Data Download management VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis				11.8		33	ZeroCERT

5	2021-03-18 08:00	saber.exe 9be7ceaf74ddf6accd91f06b7ae99c76 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed					10.4		22	Zero

First
1
Last
Total : 5cnts