Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-10-20 11:38	rundll32.exe 4d10925c2d52223135b1a2e069bc5ab0 RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	10 Keyword trend analysis Info http://www.driventow.com/fqiq/?v4=WJEXqHgS+1w7jYZxj6bk2V/X0M1eNxv0v3Pq27u1m9Xixx6h0OkNhZFzEpcOyr0h54ejSKl9&nt=V48Hzvcp http://www.doggycc.com/fqiq/?v4=tdw/kGidBWNf5mG6fHQmMwAAiMBNQnR2khavRofMnKaLgi1yozi7+GTgpK8KzEDZt5zoAAfd&nt=V48Hzvcp http://www.tablescaperendezvous4two.com/fqiq/ http://www.sanlifalan.com/fqiq/ http://www.tablescaperendezvous4two.com/fqiq/?v4=6JOAu55ahQuW4nGm3x3zF3lJbu5eEm2HTNrnzqBc/qIL0noTMPzpzXdnuN9xnnUaregthFw6&nt=V48Hzvcp http://www.sanlifalan.com/fqiq/?v4=prTEVkQv/aIuaJ5tknUsCYHPcHrUQSHWro/2zNHeF4wHPtFNVSB8ZmBi9ORqDWcgPylN7lnN&nt=V48Hzvcp http://www.driventow.com/fqiq/ http://www.doggycc.com/fqiq/ http://www.wolmoda.com/fqiq/ - rule_id: 6688 http://www.wolmoda.com/fqiq/?v4=S+cpy0umECTwuTE52eQvldFGZ7uWQHdiwg92XpTlC9HPK4+x2Wa76IO+IolmVoAcN8bu+dPq&nt=V48Hzvcp - rule_id: 6688	9	1	2	9.4	M	25	ZeroCERT

2	2021-10-19 09:55	rundll32.exe fa3d5b504712ac42e68f6c5d98598e1e RAT PWS .NET framework Generic Malware AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	7 Keyword trend analysis Info http://www.esyscoloradosprings.com/fqiq/?t8o=KZhYdxsCK4fJ4m+EpksKfhNe7DL7yKRLCyuZj4rSbKSeqpNQJyJA+YHOsqPeAHgrxeW9DyCb&UlX=YvLT_ - rule_id: 6444 http://www.healthyweekendtips.com/fqiq/?t8o=nFNrhldW1G3Iuc6NBw1UbSwwpktYb/50pHeyo/0a7tjLnrEnAw7KG36PTjcGJ5KEduXnU9Wd&UlX=YvLT_ - rule_id: 6446 http://www.ipatchwork.today/fqiq/?t8o=4uUO9SnGhH7qrBLLau2QeKM25d/gV3/zp2Vn/jpTz6zTrds8IKqZgGZbt3S1nhaRXztFEuL7&UlX=YvLT_ http://www.floaterslaser.com/fqiq/?t8o=cd5R1bQmbqnLvLG63I3E0k/wUnqrUWXrQuGYWdnnzDIYGyWqiJOfWgNnmMSyom/RYKC7YMH4&UlX=YvLT_ http://www.wolmoda.com/fqiq/?t8o=S+cpy0umECTwuTE52eQvldFGZ7uWQHdiwg92XpTlC9HPK4+x2Wa76IO+IolmVoAcN8bu+dPq&UlX=YvLT_ http://www.satellitephonstore.com/fqiq/?t8o=Sq1XZHSrpCHed4l0gSE8w/MNMhRnHgbusCiv7TwhFJT/5cEiP7Kz4bRk1Jir79l1clbW8xKQ&UlX=YvLT_ http://www.applebroog.industries/fqiq/?t8o=0RH9gkF4+S66YbdBg5arrRt8ci9oBvnO84hTkOxxIVwmdJGohZyCC7mOG5N6PcmeIk25yT0k&UlX=YvLT_	15 Info www.healthyweekendtips.com(104.21.78.41) www.satellitephonstore.com(35.186.238.101) www.wolmoda.com(75.2.115.196) www.applebroog.industries(209.17.116.163) www.ipatchwork.today(34.233.132.165) www.esyscoloradosprings.com(108.167.135.122) www.quicksticks.community() www.floaterslaser.com(81.169.145.161) 35.186.238.101 - mailcious 209.17.116.163 - mailcious 108.167.135.122 - mailcious 172.67.216.2 81.169.145.161 - mailcious 75.2.115.196 - mailcious 34.233.132.165	2	2	7.8	M	14	ZeroCERT

First
1
Last
Total : 2cnts