Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-06-23 09:21	vbc.exe 501b60e1f6bc866c767e57456884dc09 AgentTesla AsyncRAT backdoor browser info stealer Generic Malware Google Chrome User Data Admin Tool (Sysinternals etc ...) Malicious Library Socket Create Service Sniff Audio Escalate priviledges KeyLogger Code injection Downloader AntiDebug AntiVM PE Fi VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key DDNS keylogger		2	1		12.2		30	ZeroCERT

2	2021-06-23 09:18	vbc.exe 7a6b5a0ec9d4c50b28100db6f480ec34 AsyncRAT backdoor Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed					7.2		30	ZeroCERT

3	2021-06-23 09:14	wininit.exe ff5a7718e9f32b7332743f2b1b34d393 PWS Loki[b] Loki[m] AsyncRAT backdoor Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library DNS Socket AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1	6 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2	1	15.2	M	23	ZeroCERT

4	2021-06-23 09:11	vbc.exe 018c822e08bf5da34aab3a73a614f3f5 AsyncRAT backdoor Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed					12.0		26	ZeroCERT

First
1
Last
Total : 4cnts