Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-09-28 14:09	388_HYwcIAQXs5xdq7q.exe 001122f11ae95a3c00eb3e76541bc264 RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName	3 Keyword trend analysis Info http://www.210wscottstj.info/gst0/?qR-Lurxp=V3Nsub7gmgGcOwV1QiIoiFMv6QW9B7NYrLcA52cO0TiWfOKB3Ad4fSFblZAfHfNk+l3dFhw3&TVjH9b=yjRhbdjx7T6 http://www.online-jahrescoaching.com/gst0/?qR-Lurxp=HOnpgsoWu1tI0vRU7bPBS/F4WSR7tzt3WnryFXWIF038xb9/ErYOiTChbxhvsAX18t0q5uAN&TVjH9b=yjRhbdjx7T6 http://www.tenerus.info/gst0/?qR-Lurxp=bc2H+CXb4LINBWU3lVJoOqaXvmmpTEGD7FcjeqVKIkzzFbbJSoSmq3taLbMHRMCHnKbjxC/N&TVjH9b=yjRhbdjx7T6	6	1		9.6	M	25	ZeroCERT

2	2021-09-28 14:07	harshmanzx.exe dff3bf025dcd487a2f0fb22b4ccf8998 RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself suspicious TLD DNS	1 Keyword trend analysis	3	2		8.4	M	22	ZeroCERT

3	2021-09-28 13:56	file.exe 92e158b53761eed28e95649864220f59 RAT PWS .NET framework Generic Malware DNS AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS DDNS crashed		2	1		12.6	M	34	ZeroCERT

First
1
Last
Total : 3cnts