Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
6016	2021-03-17 10:14	six.exe 317ddb5144c7747c3420bc360f15792d Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName DNS Software		2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		14.0	M	43	ZeroCERT

6017	2021-03-17 10:29	winlog.exe 3d3c42f1e8978a60cdf179841d6734ad VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion					4.4	M	14	r0d

6018	2021-03-17 10:39	winlog.exe 3d3c42f1e8978a60cdf179841d6734ad VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion					4.4	M	14	guest

6019	2021-03-17 10:48	m142.dll e85da3c5a35a887685ff4ce6bb360ade Trickbot VirusTotal Malware Remote Code Execution					1.2		10	guest

6020	2021-03-17 10:48	svchost.exe 7501030063afc2c2fe8045e59b2d8ad3 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Checks Bios Detects VirtualBox suspicious process malicious URLs VMware anti-virtualization Windows ComputerName Cryptographic key Software					11.8	M	27	ZeroCERT

6021	2021-03-17 10:49	svchost2.exe 304b0b3842a34c03d723c0537c72a612 Azorult .NET framework Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself suspicious process malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key Software	1 Keyword trend analysis	2	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response		14.0		19	ZeroCERT

6022	2021-03-17 10:54	4.exe 10eefbe8d8e288f2ea7882820dafe275 Raccoon Stealer VirusTotal Malware PDB unpack itself Windows crashed	3 Keyword trend analysis				2.6	M	20	guest

6023	2021-03-17 10:55	vpn.exe 125994972bda7486ecb1f3ec5618baa4 Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows	3 Keyword trend analysis	1			6.6		17	guest

6024	2021-03-17 10:55	6.exe 603afc39509ea12acf6ef69b94af3fad Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Windows ComputerName	1 Keyword trend analysis	3	1		9.0		14	guest

6025	2021-03-17 11:09	winlog.exe 3d3c42f1e8978a60cdf179841d6734ad VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion					4.4	M	14	guest

6026	2021-03-17 11:13	putty.exe 6fa14b3b1c54a26f0b9bbcd2f6b45899 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Remote Code Execution					2.8	M	1	guest

6027	2021-03-17 11:15	putty.exe 6fa14b3b1c54a26f0b9bbcd2f6b45899 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Remote Code Execution					2.8	M	1	guest

6028	2021-03-17 11:29	putty.exe 6fa14b3b1c54a26f0b9bbcd2f6b45899 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Remote Code Execution					2.8	M	1	guest

6029	2021-03-17 11:42	putty.exe 6fa14b3b1c54a26f0b9bbcd2f6b45899 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Remote Code Execution					2.8	M	1	guest

6030	2021-03-17 12:31	putty.exe 6fa14b3b1c54a26f0b9bbcd2f6b45899 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Remote Code Execution					2.8	M	1	guest

First
Previous
401
402
403
404
405
406
407
408
409
410
Next
Last
Total : 48,320cnts