Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2024-09-06 14:21	66ba1a1880f9e_crypta.exe#kiscr a8b732ee59958581b2d5c62bb5b60c7a Stealc Client SW User Data Stealer ftp Client info stealer Generic Malware Malicious Library Malicious Packer .NET framework(MSIL) UPX ASPack Http API PWS AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check Malware download FTP Client Info Stealer VirusTotal Malware c&c Buffer PE PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Collect installed applications suspicious process sandbox evasion WriteConsoleW anti-virtualization installed browsers check Stealc Stealer Windows Browser ComputerName Remote Code Execution DNS Software plugin	3 Keyword trend analysis	1	8 Info ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in ET MALWARE Win32/Stealc Requesting browsers Config from C2 ET MALWARE Win32/Stealc Requesting plugins Config from C2 ET MALWARE Win32/Stealc Submitting System Information to C2 ET INFO Dotted Quad Host DLL Request ET HUNTING HTTP GET Request for sqlite3.dll - Possible Infostealer Activity ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download	2	16.4	M	55	ZeroCERT

2	2024-08-19 14:37	66b9d00589bbc_doz.exe 7e729a0eb0ab720e7b7120fd4992d084 Stealc Client SW User Data Stealer LokiBot ftp Client info stealer Themida Packer Antivirus Malicious Library ASPack UPX Http API PWS HTTP Code injection Internet API AntiDebug AntiVM PE File .NET EXE PE32 OS Processor Check FTP Client Info Stealer VirusTotal Malware Telegram Buffer PE suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Windows utilities Checks Bios Collect installed applications Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Firmware DNS Software crashed	2 Keyword trend analysis	5	3	1	20.6	M	54	ZeroCERT

First
1
Last
Total : 2cnts