Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-04-16 16:16	001.exe 5079a574e95863dcac4206efca348b15 Malicious Library PE64 PE File VirusTotal Malware Checks debugger crashed					2.0	M	43	ZeroCERT

2	2022-10-10 19:27	Server_se.exe 53460de37325b4979177f832ae51f9de UPX Malicious Library Anti_VM Downloader Malicious Packer PE32 OS Processor Check PE File VirusTotal Malware AutoRuns Malicious Traffic Check memory Creates executable files RWX flags setting unpack itself AntiVM_Disk sandbox evasion VM Disk Size Check Windows Browser DNS crashed	1 Keyword trend analysis	3			9.0	M	55	ZeroCERT

3	2021-03-30 11:03	r1021.dll 2e59bf0510ff753c4448a3a428f19db2 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities sandbox evasion Windows ComputerName DNS		1			7.6		5	ZeroCERT

4	2021-03-30 10:53	count.php 35994b0f330dac6e145ebed16e77ddec Dridex TrickBot VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process IP Check Kovter ComputerName DNS crashed	20 Keyword trend analysis Info http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:d96d86f3-ac35-41f2-9523-f4e50073f2f3 http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f http://192.168.56.103:5357/da8ea474-550f-433d-b444-54d2081d1d24/ http://wtfismyip.com/text https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/5/kps/ https://75.87.15.158/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/path/C:%5CUsers%5Ctest22%5CAppData%5CRoaming%5CNetDownloadMng5575191179%5Cxzcountlb.dwn/0/ https://67.79.117.70/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/1/pxPtLlVV7rz3hFHPxXVH9ntpH3/ - rule_id: 530 https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/pwgrab64/reload1/0/ https://75.87.15.158/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/0/Windows%207%20x64%20SP1/1105/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/jdtzrTn7D1fhJNbBNVH7NJBPBDzrN/ https://67.79.117.70/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/23/2000027/ - rule_id: 530 https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/1/4j4pxaBWesD3gH7yYCXrlLdHM/ https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/0/Windows%207%20x64%20SP1/1105/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/JXX9LFPNtFT75Htn3nVXhlnxNLP/ https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/pwgrab/sTart%20Run%20D%20failed/0/ https://67.79.117.70/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/0/Windows%207%20x64%20SP1/1105/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/1jdJTPhNJftt9llb5HDzBt1d1t3/ - rule_id: 530 https://67.79.117.70/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/NAT%20status/client%20is%20behind%20NAT/0/ - rule_id: 530 https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/exc/E:%200xc0000005%20A:%200x00000000771D9A5A/0/ https://67.79.117.70/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/10/62/QHAVHUMUVKIZYSUYVK/7/ - rule_id: 530 https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/10/62/707854/0/ https://137.27.167.58/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/user/test22/0/ https://67.79.117.70/rob39/TEST22-PC_W617601.312A97F76E51F9D43B18A1FFD13B7EF0/14/DNSBL/listed/0/ - rule_id: 530	15 Info 150.134.208.175.b.barracudacentral.org(127.0.0.2) 150.134.208.175.cbl.abuseat.org() wtfismyip.com(95.217.228.176) 150.134.208.175.zen.spamhaus.org() 67.79.117.70 - mailcious 95.217.228.176 67.212.241.127 75.87.15.158 72.180.57.176 12.158.156.51 103.26.251.214 98.6.170.206 137.27.167.58 24.182.101.64 45.164.80.94	4	6	12.0	M	11	ZeroCERT

First
1
Last
Total : 4cnts