PULSE NAME
CAPE Sandbox - zbetcheckintracker 12/6/2024
WHITE msudosos 2026-04-30 Modified: 2026-05-30
430 IOCs (HIGH VOLUME)
VT Comments •"#zbetcheckin tracker Downloaded on 2024-12-06 05:54:14 UTC SRC URL : https://nuo-stems.fra1.cdn.digitaloceanspaces.com/NUO-STEMS-3-3.1.0-beta.3.exe IP : 104.18.42.227 AS : AS13335 Cloudflare, Inc. YARA : #debuggerpattern__cpuid #ft_exe #debuggertiming__ticks #ip #hasrichsignature #ispacked #mz_executable #screenshot #create_process #crc32_poly_constant #win_registry #hasoverlay #maldoc_suspicious_strings #math_entropy_close_8 #escalate_priv #debuggerpattern__rdtsc #executable_pe #ispe32 #url #win_files_operation #contains_pe_file #embedded_pe #isexecutable #win_token #iswindowsgui #maldoc_function_prolog_signature #contentis_base64"
Indicators of Compromise (15 / 430 total)