Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2022-05-20 17:35	Ffzhofyh.exe b5680d05c29db4aaac268573cd17a09b PWS[m] RAT SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself WriteConsoleW Windows ComputerName DNS crashed	1 Keyword trend analysis	1			6.0		43	ZeroCERT

2	2022-01-11 10:47	newf.exe d313bf8a2165a0c62f9285d488fc2cf7 PWS Loki[b] Loki.m Generic Malware UPX DNS AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		11.8	M	24	ZeroCERT

3	2022-01-10 09:47	er.exe 5be33c7c53a2792f84c2e2d4e9f043d8 Generic Malware UPX PE File PE32 .NET EXE VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key					4.2	M	38	ZeroCERT

First
1
Last
Total : 3cnts