Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-08-04 09:19	plugmanzx.exe 5ec330fe2550aa08c66a9ffc6c034306 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Google Chrome User Data Downloader .NET framework(MSIL) Create Service Socket Escalate priviledges PWS Sniff Audio DNS ScreenShot Internet API KeyLogger AntiDebug AntiVM .NET EXE PE File Remcos VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS DDNS keylogger	1 Keyword trend analysis	4	2		10.6	M	22	ZeroCERT

2	2023-08-04 09:09	whatGodcando.exe 93b477baa88c9520aa5249bb3514d191 Generic Malware .NET framework(MSIL) Antivirus DNS AntiDebug AntiVM .NET EXE PE File PE32 Malware download Nanocore Cobalt Strike NetWireRC VirusTotal Malware c&c Buffer PE PDB suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows RAT ComputerName DNS Cryptographic key DDNS		3	7 Info ET MALWARE Possible NanoCore C2 60B ET MALWARE NanoCore RAT CnC 7 ET INFO DYNAMIC_DNS Query to a .duckdns .org Domain ET INFO DYNAMIC_DNS Query to .duckdns. Domain ET MALWARE NanoCore RAT Keep-Alive Beacon (Inbound) ET MALWARE NanoCore RAT Keepalive Response 3 ET MALWARE NanoCore RAT Keepalive Response 1		14.2	M	28	ZeroCERT

First
1
Last
Total : 2cnts