Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2024-06-26 10:16	build.exe 71b44c9a55f3b40681f6a5524ca9821d [m] Generic Malware Generic Malware Suspicious_Script_Bin task schedule Malicious Library UPX Socket DGA Http API ScreenShot PWS DNS Internet API AntiDebug AntiVM PE File PE32 OS Processor Check Malware download Dridex VirusTotal Malware Microsoft AutoRuns Code Injection Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities AppData folder malicious URLs WriteConsoleW Tofsee Windows ComputerName Remote Code Execution DNS	3 Keyword trend analysis	6	9 Info ET USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) ET MALWARE Win32/Filecoder.STOP Variant Request for Public Key ET MALWARE Win32/Filecoder.STOP Variant Public Key Download ET MALWARE Potential Dridex.Maldoc Minimal Executable Request ET MALWARE Win32/Vodkagats Loader Requesting Payload ET INFO Observed External IP Lookup Domain (api .2ip .ua in TLS SNI) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET POLICY External IP Address Lookup DNS Query (2ip .ua)		13.2	M	47	ZeroCERT

First
1
Last
Total : 1cnts