Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-06-29 09:20	qwhIiV32COOeqWb.exe a010180ec459f5a24c4840eed0459b99 Generic Malware Admin Tool (Sysinternals etc ...) Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE32 PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key crashed					10.8		16	ZeroCERT

2	2021-06-29 08:00	file.exe 1377082a9426aad3c55bcc506cdce14a PWS Loki[b] Loki[m] Generic Malware Malicious Library DNS Socket AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software crashed	1 Keyword trend analysis	1	6 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2	1	13.8	M	20	ZeroCERT

First
1
Last
Total : 2cnts