Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2024-04-19 13:20	0pORecqxeDazSCU.scr 0111d8dff50eb7684ed4baf327b93aa5 AgentTesla Generic Malware Malicious Library .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	3	1		15.4	M	38	ZeroCERT

2	2024-04-19 13:18	H8w3nxJQ4Gya5ED.scr 75fd7827bbf0b22f48275d5882af458f AgentTesla Generic Malware Malicious Library .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW IP Check Windows Browser Email ComputerName Cryptographic key Software crashed keylogger	1 Keyword trend analysis	2	1		15.0	M	46	ZeroCERT

3	2024-04-19 13:18	o9RbXKF6ZJDK949.scr 739cefccf7fa26e1f7f9923a6cc9620a Generic Malware Malicious Library .NET framework(MSIL) Antivirus AntiDebug AntiVM PE File .NET EXE PE32 DLL Browser Info Stealer VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows Browser ComputerName Cryptographic key	14 Keyword trend analysis Info http://www.wewear-jim.com/9upe/ http://www.rkq86.website/9upe/ http://www.elenasurace.com/9upe/ http://www.webwheelsmedia.com/9upe/?DEn3=NSaCIZEoJ+QZ9jhF7tGDa+BLrEl0CK7Y96sMLirGe7sAJNGWEq2haaIDmSWp5pek3fOljaFVwf9eD3E05Ub0QyiP1sqr/DG6ZDElNR+6IIlsZoOyWosn7gR0L3c79adfxmQQp18=&6N=uFu_uEha_vdqrt9 http://www.webwheelsmedia.com/9upe/ http://www.elenasurace.com/9upe/?DEn3=roxVtZ6sPbqNh3mmVsIVFGlZg6mVXDhYapneEeUBrZ6gsD61pFwm4w8vCQUZ8838/v4xuxqTXQ3vquRQRSvS8x4sDL7HX1Kr5+4oY6tLYNDuU6rqNgpZgsmXdXZKkQsWwlY/qsQ=&6N=uFu_uEha_vdqrt9 http://www.book-of-degen.xyz/9upe/?DEn3=w8ceaZezyRwJxQICLHqVb8U/ZCj0O3GRVN4zSgr8MPWHVqOcrJ/AN6KAjgmhVVCGormLE0lSzE4ZXdW6chjE6eb6/+Um41z0Bsg5e+8+y/yF6GG+e9JqVhUYOXhdW5X0FVLwUQo=&6N=uFu_uEha_vdqrt9 http://www.book-of-degen.xyz/9upe/ http://www.applesolve.com/9upe/?DEn3=kNu3VLHdy2qLq2t0g8a4WpY0UEFP+oO+aXmu0FybT3J4obaRnHm7/qNvSnU6g5M9Potav1I9h8BPHs7SGURDc+CMgPGgU1DqYhR58+5eiA76tZfMGIuQdhKzGe4jIrALf/YuiF0=&6N=uFu_uEha_vdqrt9 http://www.sqlite.org/2018/sqlite-dll-win32-x86-3240000.zip http://www.applesolve.com/9upe/ http://www.wewear-jim.com/9upe/?DEn3=/0uOrRlAg1O0h1gSL0PyiwT1m8MI30HeGLx/vAKDXBPRefGx2pNK4ZDQRhus9iU+8XJ+1v+0+5UILlAlva2yetuXnrt/D2zTU6ZnrAl3uuTfmMV8gyoYpZNelPrzr6iVl54/Nbk=&6N=uFu_uEha_vdqrt9 http://www.rkq86.website/9upe/?DEn3=ZiRrp0B+qg3ajnxesOi8agsjvCPBc77bLQYrd0Vyocfp5DdL00yg53FpmSyOsltuaKsI/xD3SlAC6Pba1qEeq6Xc1xCtt5jIfskoFaC5CyupALSgForvVCkyHahycVL6pGpPO3M=&6N=uFu_uEha_vdqrt9 http://www.qj0yean.us/9upe/	15 Info www.qj0yean.us(91.195.240.123) www.wewear-jim.com(91.195.240.117) www.elenasurace.com(62.149.189.71) www.webwheelsmedia.com(162.241.253.78) www.rkq86.website(137.175.115.33) www.applesolve.com(188.116.38.155) www.book-of-degen.xyz(75.2.60.5) 162.241.253.78 - malware 75.2.60.5 - mailcious 137.175.115.33 91.195.240.117 - mailcious 62.149.189.71 45.33.6.223 91.195.240.123 - mailcious 188.116.38.155			13.2	M	40	ZeroCERT

First
1
Last
Total : 3cnts