Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-07-22 11:01	csrss.exe 0ddeb0b17f45b044ca999164550dd25c NPKI Generic Malware Anti_VM UPX PE32 .NET EXE PE File VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows Cryptographic key crashed					5.6	M	31	ZeroCERT

2	2021-07-20 08:14	quotation.exe 688a5cdda1ae1e75e3e84facfecf3fb4 Generic Malware Anti_VM UPX AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key crashed	10 Keyword trend analysis Info http://www.toughcookiemasks.store/a3ea/ http://www.toughcookiemasks.store/a3ea/?tVm4=C8AXzH85EW6bcksLHaxF/KT8Irp4AtcdmYJKzOvgBn+W3BKccZ5NKp4N2sSXLniiTrul85mh&U48Hj=NtetP010Fhk0eBmp http://www.partypacktv.net/a3ea/ http://www.buscosol.com/a3ea/?tVm4=lRsiICaqtm2zzUnhXLfpLD7Q/+UaV/rCUiwMIjEIEqTTgaJvQmAUsMmIJXJ+m6+joKtZimwp&U48Hj=NtetP010Fhk0eBmp http://www.njzhongqiang.com/a3ea/?tVm4=7B5Y82ijZowLi65LlrOdfRJrA23b3y8A1iFQ94gfFtk3rWCbyNy7KEk3A3Kfr610vJsDD0tA&U48Hj=NtetP010Fhk0eBmp http://www.californiatonashville.com/a3ea/ http://www.californiatonashville.com/a3ea/?tVm4=8H22mTWKiFm53ygv7BpxdD0DMJSQry+Qjl67+C0ZF0kPq5HYZo9BXDHD5wcfLRsUUtyCBRrI&U48Hj=NtetP010Fhk0eBmp http://www.buscosol.com/a3ea/ http://www.njzhongqiang.com/a3ea/ http://www.partypacktv.net/a3ea/?tVm4=mKo1Qg6HqSIcsN4zQXcvrJa2ES1RBdIFriO8tlFo7dt3X/kB1ulnY9q1GBPnIXxgJBBZKIeM&U48Hj=NtetP010Fhk0eBmp	11 Info www.toughcookiemasks.store(64.98.145.30) www.californiatonashville.com(34.102.136.180) www.partypacktv.net(198.57.247.186) www.roseymacy.com() www.njzhongqiang.com(154.94.101.170) www.buscosol.com(217.160.0.234) 64.98.145.30 - mailcious 34.102.136.180 - mailcious 154.94.101.170 198.57.247.186 217.160.0.234 - mailcious	1		8.8	M	23	ZeroCERT

3	2021-07-20 08:05	quote.exe 65cb21f74729427dcb7ddb1bb8cb762f Generic Malware UPX AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key crashed	8 Keyword trend analysis Info http://www.wawum.com/bx69/?uHux=dhRiPExq/xxiIUXB7EydO+mZJ5L4wqx2f1y8ESic3IGwnJv14LBXD811Daq7+oAhXJsqb1m5&VtxXE=FFQL6Rl0F4PxGNl http://www.juststarte.com/bx69/?uHux=m6o6e6d24SbCObKdpsbCp++8dyPjGsXbogDneN8beLsYxsHAKFyaaVf93Vl6CX3pHAonRwh5&VtxXE=FFQL6Rl0F4PxGNl http://www.carinsurancetraining.com/bx69/?uHux=0pxyoY42BHmH1V0vulRcyyznUlGh8pWOPtfB0YSlxS5GTZfj5HVyd7QvBPv1TFq8QeS+9nSd&VtxXE=FFQL6Rl0F4PxGNl http://www.queroquitarbv.net/bx69/?uHux=msad9L+TAqNXfJtKBl+9CT9pnFOGdhHX3sDl9QEgjHOX52YV2a3W8C8K7WMlB9dncdMhNT9u&VtxXE=FFQL6Rl0F4PxGNl http://www.over50sixpackclub.com/bx69/?uHux=LIWDW+1TEXV64kNxyqeu0DutEMfDnet+dyZ/ucKpnye0GvgzAR5HL6W3Tpwh8MynrnckMJtz&VtxXE=FFQL6Rl0F4PxGNl http://www.cielovr.com/bx69/?uHux=AZLYT5CnCxELaXue8uWtU0LGC7jPLJgkZQY2KrWqfs2c+lofYKH+Gt4AdLVaGaYFdzGyrm5L&VtxXE=FFQL6Rl0F4PxGNl http://www.texturaterrazzo.com/bx69/?uHux=t7oL27tBlKB5IylsuMQ2mBUNwYYPI9nKXn+pi/ro2YcXKywcjn9D7/nLpZwcvHden1Ndw1Mg&VtxXE=FFQL6Rl0F4PxGNl http://www.kingdomkeys.house/bx69/?uHux=jnGogQyYVKfhK0rWB5boY/u9s0pgg8p8us/bWVBBOYS/2a0nDIncbHi+FuLUuLriGv0CT7q8&VtxXE=FFQL6Rl0F4PxGNl	13 Info www.texturaterrazzo.com(184.168.131.241) www.over50sixpackclub.com(34.102.136.180) www.kingdomkeys.house(34.102.136.180) www.carinsurancetraining.com(167.172.124.248) www.juststarte.com(23.227.38.74) www.queroquitarbv.net(34.102.136.180) www.cielovr.com(34.102.136.180) www.wawum.com(3.223.115.185) 184.168.131.241 - mailcious 34.102.136.180 - mailcious 167.172.124.248 3.223.115.185 - mailcious 23.227.38.74 - mailcious	1		8.4	M	26	ZeroCERT

4	2021-07-15 11:40	smartx.exe bce6b0dd0454052f8952f5174c26cec0 RAT Generic Malware UPX AntiDebug AntiVM PE32 PE File .NET EXE VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder malicious URLs Windows Cryptographic key crashed	10 Keyword trend analysis Info http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:d96d86f3-ac35-41f2-9523-f4e50073f2f3 http://www.uyutny-svet.online/eqp3/ http://192.168.56.103:5357/da8ea474-550f-433d-b444-54d2081d1d24/ http://www.grapaojanjao.com/eqp3/ http://www.uyutny-svet.online/eqp3/?5j=CblEKO/jDHV1Nnreuzchc3HA1n3gtrd3+z5w8OSuzqrO8fXW1FPAwPQOqH5frdTlUpEtne+w&EZ442V=IdnTot6xhnFH http://www.simplicitylawyers.com/eqp3/?5j=1JlRKKc1ryObS2zWGCQwmyDXo7172X9qd+uj8VkBQN2btU1eXDdLeMaQ7yjeIPrl/st+y4Ki&EZ442V=IdnTot6xhnFH http://www.easyrepairsauto.com/eqp3/?5j=41nwx5lqGKzWHGUJCEbmzMcyKtNa2An7naJr3NNPKeswF3W6GX4ZmdROpgQ+0CPydD3Pj/yn&EZ442V=IdnTot6xhnFH http://www.simplicitylawyers.com/eqp3/ http://www.easyrepairsauto.com/eqp3/ http://www.grapaojanjao.com/eqp3/?5j=vhPMJ3ABFjMy54CV7tnGHjN8rnNhE2JoEzYPOiwetEI4estIKvVLL5Og+cRbULzo6BPqJ8aM&EZ442V=IdnTot6xhnFH	10 Info www.ccminghang.com() www.grapaojanjao.com(122.155.167.48) www.10system.club() www.easyrepairsauto.com(182.50.132.242) www.simplicitylawyers.com(34.102.136.180) www.uyutny-svet.online(209.99.40.222) 209.99.40.222 - mailcious 122.155.167.48 182.50.132.242 - mailcious 34.102.136.180 - mailcious			11.4		27	ZeroCERT

First
1
Last
Total : 4cnts