Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2022-07-06 09:35 vbc.exe  

1df7fc81095ae4a7c32c01c6ea402b58


RAT PWS .NET framework Generic Malware UPX PE32 OS Processor Check .NET EXE PE File VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces Tofsee ComputerName
1 2 1 3.8 M 23 ZeroCERT

2 2022-06-14 17:47 vbc.exe  

d7a7eb6c5f82b9241622e3730245baae


PWS[m] RAT Generic Malware Antivirus SMTP KeyLogger AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security Check virtual network interfaces suspicious process WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed
2 4 3 16.4 M 21 ZeroCERT

3 2021-12-23 11:21 MAEK.pif  

6d5f00a23f0fc84d7e44a9dbcd31e0b4


RAT PWS .NET framework NPKI email stealer Hide_EXE Generic Malware UPX ASPack Malicious Packer Malicious Library Antivirus DNS Code injection KeyLogger Escalate priviledges Downloader persistence AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder AntiVM_Disk WriteConsoleW VM Disk Size Check installed browsers check Windows Browser Google Email ComputerName DNS Cryptographic key DDNS crashed
2 8 2 15.2 M 17 ZeroCERT

4 2021-11-05 18:12 soon.pif  

714866d9b23d4eb4cef3bb94c4689a9c


RAT PWS .NET framework NPKI email stealer Generic Malware ASPack Malicious Packer Malicious Library UPX Antivirus DNS Code injection KeyLogger Escalate priviledges Downloader persistence AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files ICMP traffic unpack itself Windows utilities suspicious process AppData folder AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key crashed
7 16.8 25 ZeroCERT

Total: 4 submissions