Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-06-16 07:34	SetUpLyla1408.exe 18a462099db32bb42aa988bd33736f3d RedLine stealer[m] RAT Emotet Themida Packer UPX Admin Tool (Sysinternals etc ...) Socket DNS Anti_VM AntiDebug AntiVM .NET EXE PE File PE32 PNG Format JPEG Format PE64 Browser Info Stealer RedLine Malware download FTP Client Info Stealer VirusTotal Malware Buffer PE AutoRuns PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces AppData folder VMware anti-virtualization installed browsers check Tofsee Interception Stealer Windows Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed	13 Keyword trend analysis Info https://sso.passport.yandex.ru/push?uuid=e9bbb019-fb63-4232-9882-448d38c720b2&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue https://dzen.ru/?yredirect=true https://yandex.ru/ http://tokoi45.beget.tech/server.txt http://tokoi45.beget.tech/server1.txt http://tokoi45.beget.tech/server2.txt http://entrenaconraulfit.com/webArg1.txt http://entrenaconraulfit.com/1/data64_1.exe http://entrenaconraulfit.com/1/data64_2.exe http://entrenaconraulfit.com/1/data64_3.exe http://entrenaconraulfit.com/1/data64_4.exe http://entrenaconraulfit.com/1/data64_5.exe http://entrenaconraulfit.com/1/data64_6.exe	14 Info entrenaconraulfit.com(193.84.177.249) - malware tokoi45.beget.tech(5.101.152.100) iplogger.com(148.251.234.93) - mailcious yandex.ru(77.88.55.88) dzen.ru(62.217.160.2) sso.passport.yandex.ru(213.180.204.24) 213.180.204.24 148.251.234.93 - mailcious 162.19.139.184 - mailcious 5.101.152.100 - malware 94.130.176.65 193.84.177.249 - malware 62.217.160.2 5.255.255.70	4		20.4		26	ZeroCERT

First
1
Last
Total : 1cnts