Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-08-21 10:21	1808tui.exe 34dc3b6f5ad9472d3eee5fe006b97b4a Gen1 Emotet .NET framework(MSIL) UPX Malicious Library PWS SMTP Socket DNS Javascript_Blob AntiDebug AntiVM PE File .NET EXE PE32 CAB PE64 PNG Format JPEG Format Lnk Format GIF Format Browser Info Stealer FTP Client Info Stealer VirusTotal Malware AutoRuns PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces AppData folder installed browsers check Interception Windows Browser ComputerName DNS Cryptographic key Software crashed	11 Keyword trend analysis Info http://tokoi45.beget.tech/server.txt http://tokoi45.beget.tech/server1.txt http://tokoi45.beget.tech/server2.txt http://industrias-lopez.com/webArg2.txt http://industrias-lopez.com/2/data64_1.exe http://industrias-lopez.com/2/data64_2.exe http://industrias-lopez.com/2/data64_3.exe http://industrias-lopez.com/2/data64_4.exe http://industrias-lopez.com/2/data64_5.exe http://industrias-lopez.com/2/data64_6.exe https://iplogger.com/12waJ4	10 Info industrias-lopez.com(66.225.201.5) - mailcious files.catbox.moe(108.181.20.39) - malware tokoi45.beget.tech(5.101.152.100) - mailcious iplogger.com(148.251.234.93) - mailcious 156.236.72.121 - mailcious 66.225.201.5 - malware 108.181.20.39 - mailcious 148.251.234.93 - mailcious 116.203.59.108 5.101.152.100 - malware			18.4	M	40	ZeroCERT

First
1
Last
Total : 1cnts