Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2023-06-28 07:45 vik.exe  

5f859ce795a09f858adc51815cc0faf8


Generic Malware task schedule Admin Tool (Sysinternals etc ...) Antivirus AntiDebug AntiVM .NET EXE PE32 PE File Malware download AsyncRAT NetWireRC VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName DNS Cryptographic key
1 2 13.2 M 45 ZeroCERT

2 2022-05-24 18:36 vbc.exe  

f05a460e312d90267b12335c3c86e6a8


PWS[m] Generic Malware UPX Malicious Library Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviledges FTP Http API AntiDebug AntiVM PE32 PE File Emotet VirusTotal Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key DDNS crashed
4 8 2 14.2 M 18 ZeroCERT

3 2022-03-26 09:11 rc.exe  

1098eea1ee550a0b6100a11be53d27d8


PWS[m] Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) UPX Antivirus Create Service DGA Socket ScreenShot DNS Internet API Code injection Sniff Audio HTTP Steal credential KeyLogger P2P Downloader Escalate priviledges FTP Http API Anti Emotet VirusTotal Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName Remote Code Execution Cryptographic key crashed
1 7 15.4 M 28 ZeroCERT

  • Total : 3cnts