Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-03-22 09:59	PO_107658_200.pdf 4ac557f524400a9007c6c8e6912e9e1f Antivirus AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	5 Keyword trend analysis Info http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-C3D2B2E00FD2D0A487EE9D3E4ED34E37.html - rule_id: 462 http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-43E8645E63EE68E099B116467826FCEA.html - rule_id: 462 http://checkip.dyndns.org/ http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-5945125BA39050CC5933CF0C1B36419D.html - rule_id: 462 https://freegeoip.app/xml/175.208.134.150	6	4	3	17.0	M	22	Zero

2	2021-03-22 09:05	PO_107658_200.pdf 4ac557f524400a9007c6c8e6912e9e1f ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW VMware IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	5 Keyword trend analysis Info http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-C3D2B2E00FD2D0A487EE9D3E4ED34E37.html http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-43E8645E63EE68E099B116467826FCEA.html http://checkip.dyndns.org/ http://liverpoolsupporters9.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-5945125BA39050CC5933CF0C1B36419D.html https://freegeoip.app/xml/175.208.134.150	6	4		16.8	M	22	ZeroCERT

3	2021-03-21 19:24	IMG_724_Scanned_603.pdf 5c2cd6d19381ac5a4a517c2165b29813 ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	8 Keyword trend analysis Info http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-F0229FCF4361E3474252BC51486A1FE9.html - rule_id: 439 http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8F3703A552F71D1430FEA82C966AE9B0.html - rule_id: 439 http://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-00EF07D21C7D5F4678ACBB70D3F3CD39.html - rule_id: 439 http://checkip.dyndns.org/ https://freegeoip.app/xml/175.208.134.150 https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-F0229FCF4361E3474252BC51486A1FE9.html - rule_id: 441 https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8F3703A552F71D1430FEA82C966AE9B0.html - rule_id: 441 https://jejendjcjfhh.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-00EF07D21C7D5F4678ACBB70D3F3CD39.html - rule_id: 441	6	4	6	16.8	M	33	ZeroCERT

4	2021-03-19 15:03	IMG_150-76-13.pdf dd8a7c3bac724eac74d25c6a39535f9c Antivirus VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key	3 Keyword trend analysis				9.4	M	32	ZeroCERT

5	2021-03-19 14:53	IMG_150-76-13.pdf dd8a7c3bac724eac74d25c6a39535f9c Antivirus VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process Windows ComputerName Cryptographic key					9.0	M	32	ZeroCERT

First
1
Last
Total : 5cnts