Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-03-16 09:36	NMA.exe 2fc9552b8ba5dd08a67bfce7c35fbcc9 PWS .NET framework RAT Generic Malware Antivirus AntiDebug AntiVM .NET EXE PE32 PE File FormBook Malware download VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process suspicious TLD WriteConsoleW Windows ComputerName DNS Cryptographic key	12 Keyword trend analysis Info http://www.elaynegullis.com/pz6u/?gfuoJ=RLN7TRGvjwHq7PUV878gaeLXTOoLSh2gVAY4HztmGBYlfrA0o1jLcKhByS7l3UvVa8DWXe8maGDlvA7o1isB3qskVRFdaINY+8OOoek=&Ib=JpVVn8kuJmjvnz http://www.ghyvmze5s.com/pz6u/?gfuoJ=uytR2Tiz1twpM2dhblQC1B7BthyLXXG5FY7Kn1WRtAiI0duJ2fbunveoTy7fDIn07wry7tOJS3Y6hqcaHiueaqrp/c4n5kqaEVxvo8M=&Ib=JpVVn8kuJmjvnz http://www.aviator238.cyou/pz6u/ http://www.tiflovector.ru/pz6u/?gfuoJ=0G6+4PQ3ff1VVX3bDlZY7prfmcsmSisC64ofEkjldKjfJt8rvq/jB6ECdFdI4gZQYQqDLzr6mpjEiqs3GX+9BiMAwHwt4KekEuDtmGU=&Ib=JpVVn8kuJmjvnz http://www.aviator238.cyou/pz6u/?gfuoJ=UyrgSxFtu3lXz+BcpDcql/UhilAww6e/QPXCtiRRfbVUoJ6/YhP9B1EmFWXTHuUT6TvndHSDvnTdkZIXPbpDZFJbIQW9nmMntHv5nFk=&Ib=JpVVn8kuJmjvnz http://www.glenwoodstudiocrafts.com/pz6u/?gfuoJ=AdMEqTYsvTG/AjKkKRLLui12hmt7noCWJPmXTDPlMsv+HXciE9QtIkdJXTqGLnrKTXLO19vQM3NQPwEWsx9FOo1L3PbWSzYh6xsrb6I=&Ib=JpVVn8kuJmjvnz http://www.tonica.life/pz6u/ http://www.glenwoodstudiocrafts.com/pz6u/ http://www.tonica.life/pz6u/?gfuoJ=H3cqQrnleOtYl7hnGPubiIS0labqzqigzX8IXx/talSmztzMUlwIfpk89Fh5WaVP3Lmv67mvQzkZfbTpOci4WeTcTAhchhNQbkNGdls=&Ib=JpVVn8kuJmjvnz http://www.tiflovector.ru/pz6u/ http://www.ghyvmze5s.com/pz6u/ http://www.sqlite.org/2016/sqlite-dll-win32-x86-3100000.zip	15 Info www.makulatura-sbor.site() www.glenwoodstudiocrafts.com(162.241.217.45) - mailcious www.ghyvmze5s.com(43.250.124.88) www.elaynegullis.com(34.117.168.233) www.tiflovector.ru(195.24.68.5) www.tonica.life(3.19.131.128) www.sqlite.org(45.33.6.223) www.aviator238.cyou(172.67.174.131) 172.67.174.131 34.117.168.233 - mailcious 195.24.68.5 3.14.161.55 43.250.124.88 45.33.6.223 162.241.217.45 - mailcious	3		11.8	M	34	ZeroCERT

First
1
Last
Total : 1cnts