Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-04-08 19:45	2.exe a7e67e6abd539aeddbb9021d23f6f217 Azorult .NET framework Gen1 AsyncRAT backdoor Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Browser ComputerName DNS Cryptographic key crashed	10 Keyword trend analysis Info http://86.107.197.8:38214/ http://195.54.160.9:32972/ http://pokacienon.xyz/ https://bbuseruploads.s3.amazonaws.com/17d04c6a-c1d1-40c0-985a-f0740a053130/downloads/62ab596d-a885-41d2-8876-b14668b5131e/test.exe?Signature=QTjNeEZOEfvGMKnBzCyT7mG4nIg%3D&Expires=1617876243&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=4_MBFBXZdU5kGeZTREx1qRsbERpZ4M_z&response-content-disposition=attachment%3B%20filename%3D%22test.exe%22 https://iplogger.org/favicon.ico https://bbuseruploads.s3.amazonaws.com/17d04c6a-c1d1-40c0-985a-f0740a053130/downloads/9580842f-6891-49c8-802a-149bf1d42264/serv.exe?Signature=pn6i4toRFefu0thF36SY2ehfP5o%3D&Expires=1617875783&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=Iu1.paGkjklgsxTllu12XmiT7Jmt91vp&response-content-disposition=attachment%3B%20filename%3D%22serv.exe%22 https://iplogger.org/1tMzh7 https://api.ip.sb/geoip https://iplogger.org/1tsTg7 https://bbuseruploads.s3.amazonaws.com/17d04c6a-c1d1-40c0-985a-f0740a053130/downloads/a1867a39-2dbe-42c2-b513-5f9bd398e056/newred.exe?Signature=%2Bly8TEK7wfszfC4CJMdwVZNxl90%3D&Expires=1617876376&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=XZ1Wq9dWgSEXAF.IA6b.w7ImqXWWjs9E&response-content-disposition=attachment%3B%20filename%3D%22newred.exe%22	12 Info pokacienon.xyz(79.141.170.43) api.ip.sb(104.26.12.31) bbuseruploads.s3.amazonaws.com(52.217.136.201) - malware bitbucket.org(104.192.141.1) - malware iplogger.org(88.99.66.31) - mailcious 79.141.170.43 52.217.44.156 88.99.66.31 - mailcious 195.54.160.9 86.107.197.8 - mailcious 104.26.13.31 104.192.141.1 - mailcious			17.0	M	40	ZeroCERT

First
1
Last
Total : 1cnts