Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-10-22 11:34	.vbc.exe 61f55bceba5b9a52c750555d62fc7ae9 Malicious Library UPX Create Service DGA Socket Steal credential DNS Internet API Code injection Sniff Audio HTTP KeyLogger FTP Escalate priviledges Downloader ScreenShot Http API P2P AntiDebug AntiVM PE File PE32 FormBook Emotet Malware download VirusTotal Malware Buffer PE AutoRuns Code Injection Malicious Traffic buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process WriteConsoleW Tofsee Windows ComputerName crashed	11 Keyword trend analysis Info http://www.syktxny.com/og2w/?HzrLR=8nCUkDMhhpUJRG43K21tXcgfonDfOShSkumyTfFE8rS8vc8c9x3KWZtckQdcrOjDdiF8eozj&Qh-Ha=tBwxNhWXOzSD&sql=1 http://www.syktxny.com/og2w/ http://www.royallecleaning.com/og2w/ http://www.tamzeedhossain.xyz/og2w/?HzrLR=2n8A1PfAVAzhZ3Hc4aY9dwANXyB5d3RIGzd/lG0EaSO3J5o8WGm6pS7XNEVcLC/w0j6f90Gx&Qh-Ha=tBwxNhWXOzSD&sql=1 http://www.tamzeedhossain.xyz/og2w/ http://www.royallecleaning.com/og2w/?HzrLR=RMYdZkGlKd9/cr2q5T7ZE6ssqe4CFpRGJ/mMAD2/ND62kBwptZEMascQDDeN8P25ASvuBy5k&Qh-Ha=tBwxNhWXOzSD&sql=1 http://www.riverdenim.com/og2w/?HzrLR=8Qx1tP3sSR3Pi0BPI5Y3Wscd1rolyxc4xXpahl252jPQw5aPvU+EM4W1Ph9GZj366CKy6bjY&Qh-Ha=tBwxNhWXOzSD&sql=1 http://www.riverdenim.com/og2w/ https://3jaqfq.am.files.1drv.com/y4m9NcDd_ZUc-GHIuKUJyY5hL6x3aLUxl-YC6RJP1LELDrHXkb4STEbYPsABvitxp7nPbLk9le36HVSTTDIiO0Trb7b1V7RTuFcf2-bU-I2nFaemAFuadfU0NoWSqbpkPK8rRQZjfl6YHBLX5qU-9GOQ9k4bjaSe72pWfC52uClmJHPOlKOOP_TcruMbLJ-CEdQ_EEBWOneCB3_bqGPDui2pw/Ajihoeuvpfseywgzvkdmaxhisrgsstr?download&psid=1 https://3jaqfq.am.files.1drv.com/y4mDJ-FDsSGp1PeATbALhO1LMI7cTJ9FePRrkNEtWG3rHFjt_i4rSUCWbQOGLNAmBI8N37baAfkTDo1nGhbOSuT7MK0ywZgPNGT33Noc102eAtOnfb-1XQGdUtGu9u38cLgAYzEvGmRo6bJ_gbtHFbm5E4_W8w2XTJKegmp-GqeyNrZsM69-AooFcQoTiVbnroYqmVVen8sASYkwAwmXz-dFA/Ajihoeuvpfseywgzvkdmaxhisrgsstr?download&psid=1 https://onedrive.live.com/download?cid=E9FFBDDD0AB75605&resid=E9FFBDDD0AB75605%21109&authkey=ABYj71iorCY38jA	12 Info onedrive.live.com(13.107.42.13) - mailcious www.tamzeedhossain.xyz(172.104.184.240) www.syktxny.com(156.233.233.109) www.royallecleaning.com(34.102.136.180) www.riverdenim.com(204.11.56.48) 3jaqfq.am.files.1drv.com(13.107.42.12) 172.104.184.240 13.107.42.13 - mailcious 13.107.42.12 - malware 34.102.136.180 - mailcious 204.11.56.48 - phishing 156.233.233.109	5		12.6		24	ZeroCERT

2	2021-10-22 09:40	vbc.exe efe651adf6dfc657dfe4d65434e2de5c Malicious Library UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself Tofsee crashed	2 Keyword trend analysis Info https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634863115&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521127%26authkey%3DAOx84Mv6sv3iPME&lc=1033&id=250206&cbcxt=sky&cbcxt=sky https://onedrive.live.com/download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21127&authkey=AOx84Mv6sv3iPME	4	1		3.6		28	ZeroCERT

3	2021-10-22 09:35	vbc.exe 8085d3d42c44622ff02fdd0b0da21aa1 Malicious Library UPX PE File PE32 VirusTotal Malware RWX flags setting unpack itself Tofsee crashed	3 Keyword trend analysis Info https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634862785&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521128%26authkey%3DAKFVLRIqw6-5mg8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1634862786&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2Fdownload%3Fcid%3D1836E41CA02A0786%26resid%3D1836E41CA02A0786%2521128%26authkey%3DAKFVLRIqw6-5mg8&lc=1033&id=250206&cbcxt=sky&cbcxt=sky https://onedrive.live.com/download?cid=1836E41CA02A0786&resid=1836E41CA02A0786%21128&authkey=AKFVLRIqw6-5mg8	4	1		3.6		26	ZeroCERT

4	2021-10-21 18:45	vbc.exe 43c4f31951dfaa67b56f438bc1454522 Malicious Library UPX PE File PE32 FormBook Emotet Malware download VirusTotal Malware Buffer PE AutoRuns Code Injection Malicious Traffic buffers extracted Creates executable files RWX flags setting unpack itself Tofsee Windows crashed	11 Keyword trend analysis Info http://www.trashwasher.com/ht08/?jrQDrX=uW1sPHtGTFBUTkesgE7uYKY6CRw967TpF9DAp4EO6MgnVSdl1zAyFTm+zdWq2zbODeL2N+lp&p0D=QfrDsny8j2kPE0s http://www.swisstradecenter.com/ht08/?jrQDrX=QSE46j0HNZ2QncZWLMtuNIJxO3VJtHj2iE4I7IkNciklA1BQH3YeyQjbp0g62VHrm1UWPSce&p0D=QfrDsny8j2kPE0s http://www.kinmanpowerwashing.com/ht08/?p0D=QfrDsny8j2kPE0s&jrQDrX=wJPYOBNPPe4q/AU39b/otaYCYPUa59MhN5lNfdB/7j2pgKnFe5P4sOF7ywpp0IQx2Nw/u5M7 http://www.cdgdentists.com/ht08/?p0D=QfrDsny8j2kPE0s&jrQDrX=EXbQHeCb31o1gaBaR2ATYI6ExABbI7DKLBQ2CIR3ARrEXHsMlpnG7TJ7X1JozzLBrtTu60nh http://www.oilelm.com/ht08/?p0D=QfrDsny8j2kPE0s&jrQDrX=+MKoH/T1lSGBa8iWH91/ZquhTarcPNk/tfbZWgzq/IKlWL2S/ubFt9bqD7NQKtX6NP3pa9SI http://www.amaroqadvisors.com/ht08/?jrQDrX=u/HH8oXplBhOFryswzp14fRHx2iZXqd5LlKZ1+of1fszA0QUqCsF/wVmyePk0HUmpsPYuBxx&p0D=QfrDsny8j2kPE0s http://www.oooci.com/ht08/?jrQDrX=N3mp3TnmlmOVAV+GBSkbxeVJeF+TLCeopoFxOLndztPBPVOFElj2miXAPLJhlFBp52cue+7l&p0D=QfrDsny8j2kPE0s http://www.septemberstockevent200.com/ht08/?p0D=QfrDsny8j2kPE0s&jrQDrX=YVcVQnABcJsSl1vo8PwpXZC8MGRy3pUK9T1n+/sxD5UspzF5wJe0fyLK9odyh4hH5ST6BMWP https://owfboa.dm.files.1drv.com/y4mmGEQ-1TDGWvA6srDdg7lIrn1Oc-IcieS9yK0yjEgqixnisRz1pHwTYHyXpmsBWdPtArgy7blgdempTtadNiVRcbinYKYCyletcXYWpE5khUcMHXWFto4eVdeTdAIrs0BatLzvepPG8tTU5ebW2mvg4zCaH1LHQxf_F95RdwjWiFbiFK28ZqFIaBN0iq15Gfi0vvbafd9LrWYvE6pJ7efIA/Ewzmyhkhgsejfrjfwzttwocuueudzgr?download&psid=1 https://owfboa.dm.files.1drv.com/y4mUfne4wayPOFatX-pbl6vWAtr619eHfZxjSq-Nz-7Vqg6l3ceiOlz0DebBFWCOW_3msvrTRqCAoBdhpjV1KeyTZ4XPy4CNzV-5M1Cq7oXAB8kGm9SPNgqXKQVg3qkcrWjuAv9rbUSvXX_Z34Ybr5jYUlszfdrxqFZhzKrUigROi5ITLXVl3DcbLodY3blfsCvabJpAY3zWSWxQMGIxQVszQ/Ewzmyhkhgsejfrjfwzttwocuueudzgr?download&psid=1 https://onedrive.live.com/download?cid=BCFBDC0738CBFF0F&resid=BCFBDC0738CBFF0F%21109&authkey=AONmXFICrRaoFt4	24 Info onedrive.live.com(13.107.42.13) - mailcious www.digipoint-entertainment.com() www.swisstradecenter.com(217.26.63.20) www.oilelm.com(172.67.159.113) www.amaroqadvisors.com(34.102.136.180) www.septemberstockevent200.com(172.67.188.247) www.getjoyce.net() www.curebase-test.com() www.oooci.com(101.35.123.80) www.kinmanpowerwashing.com(182.50.132.242) owfboa.dm.files.1drv.com(13.107.42.12) www.shangduli.space(114.95.162.70) www.cdgdentists.com(34.102.136.180) www.trashwasher.com(151.101.66.159) 13.107.42.13 - mailcious 13.107.42.12 - malware 217.26.63.20 34.102.136.180 - mailcious 172.67.188.247 182.50.132.242 - mailcious 114.95.162.70 101.35.123.80 104.21.66.109 151.101.66.159 - mailcious	2		9.8		19	ZeroCERT

First
1
Last
Total : 4cnts