Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-05-21 16:38	vg23ty.exe 0f66f5cd6f420f6d386924c0243cc6dc AsyncRAT backdoor Ave Maria WARZONE RAT Antivirus AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	3	2		13.2	M	25	guest

2	2021-05-21 16:34	ConsoleApp19.exe ccf10dc1a6d121efdf9c28443a56e8b7 AsyncRAT backdoor Ave Maria WARZONE RAT Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		17.0	M	18	ZeroCERT

3	2021-05-21 16:33	ConsoleApp9.exe 0f938ac4802642b34cc7105fb04c32ac AsyncRAT backdoor AgentTesla Ave Maria WARZONE RAT Antivirus SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Check virtual network interfaces suspicious process malicious URLs WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		17.6	M	21	ZeroCERT

4	2021-05-21 16:27	vg23ty.exe 0f66f5cd6f420f6d386924c0243cc6dc AsyncRAT backdoor Ave Maria WARZONE RAT Antivirus AntiDebug AntiVM .NET EXE PE File PE32 FormBook Malware download VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	3	1		13.2	M	25	guest

5	2021-05-21 16:19	ConsoleApp12.exe 40caefae9655ee0c0726c76becde4743 PWS Loki[b] Loki[m] AsyncRAT backdoor Ave Maria WARZONE RAT Antivirus DNS AntiDebug AntiVM .NET EXE PE File PE32 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c powershell suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself suspicious process malicious URLs WriteConsoleW installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response		11.8	M	29	ZeroCERT

First
1
Last
Total : 5cnts