Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-03-23 18:30	VZR.exe fc7c1d93d598a03632552cb838f466e1 Google Chrome User Data browser info stealer VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows DNS					11.2	M	17	ZeroCERT

2	2021-03-23 18:22	VZR.exe fc7c1d93d598a03632552cb838f466e1 Google Chrome User Data browser info stealer VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows					10.6	M	17	ZeroCERT

3	2021-03-23 18:14	win32.exe 2016efd23d991477b03728e2013d9a8d Azorult .NET framework AsyncRAT backdoor Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		13.8	M	25	ZeroCERT

4	2021-03-23 18:06	regasm.exe 1a1be53d670ccd09e6ec6826d2387980 Azorult .NET framework AsyncRAT backdoor Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		13.6	M	14	ZeroCERT

5	2021-03-23 17:59	VZR.exe fc7c1d93d598a03632552cb838f466e1 Google Chrome User Data browser info stealer VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process Windows					10.6		17	ZeroCERT

First
1
Last
Total : 5cnts