Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-07-04 11:08	build.exe f41fd95f121782d8d2f4689ef056d293 Malicious Library DGA DNS Socket Http API Internet API ScreenShot AntiDebug AntiVM PE File PE32 OS Processor Check Malware download Dridex VirusTotal Malware Microsoft AutoRuns PDB Code Injection Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs suspicious TLD Tofsee Windows ComputerName Remote Code Execution DNS crashed	2 Keyword trend analysis	6	10 Info ET POLICY External IP Address Lookup DNS Query SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET DNS Query to a .top domain - Likely Hostile ET USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) ET INFO HTTP Request to a .top domain ET MALWARE Potential Dridex.Maldoc Minimal Executable Request ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016 ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING Possible EXE Download From Suspicious TLD		12.4		26	ZeroCERT

First
1
Last
Total : 1cnts