Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
1 2023-01-22 15:58 HouseGC.exe  

25689b70c4489c2dc929df698c2245ee


Gen1 Emotet Generic Malware Malicious Library UPX Antivirus PE32 CAB PE File VirusTotal Malware powershell AutoRuns PDB suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution DNS Cryptographic key
3 7.4 M 22 ZeroCERT

2 2022-06-15 09:46 PENASCOP-GROUP%20Payment%20TT-...  

22ffced494d8f2867712fcb93f833e93


PWS[m] PWS Loki[b] Loki.m RAT Hide_EXE Generic Malware Antivirus DNS AntiDebug AntiVM PE32 .NET EXE PE File Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs suspicious TLD installed browsers check Windows Browser Email ComputerName Cryptographic key Software crashed
1 2 7 15.2 M 40 ZeroCERT

3 2022-03-10 15:01 Gncnf.exe  

cf80d7f101f19741575a3f1c58eca537


RAT PWS .NET framework PE File .NET EXE PE32 VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces ComputerName
1 3 3.4 M 44 ZeroCERT

4 2021-10-06 13:48 1831612761.exe  

66cf057af6a7014d593b3afc35ea9a6a


RAT PWS .NET framework Generic Malware PE File PE32 OS Processor Check .NET EXE VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key
1 3.8 M 46 ZeroCERT

5 2021-07-30 11:15 faktura-77_2021-3.pdf.exe  

f7ba0f7a61b8b51a5e1823d5fd274d12


PWS .NET framework Gen1 Gen2 Generic Malware UPX Malicious Library Malicious Packer ScreenShot Http API Steal credential AntiDebug AntiVM PE32 OS Processor Check .NET EXE PE File DLL VirusTotal Email Client Info Stealer Malware Buffer PE PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder installed browsers check Tofsee Ransomware Windows Browser Email ComputerName DNS Cryptographic key
4 3 4 13.4 15 ZeroCERT

  • Total: 5 submissions