Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-07-08 09:45	Remittanc3.exe c1366c7e949f42c3708cf8a6b9f8b59e Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows DNS crashed	10 Keyword trend analysis Info http://www.amagev.club/dkao/ http://www.nigeriawomenawards.com/dkao/?uTCp=iWzfaewLLTJnQMPvdy871AT5FLqPnVAdCSP78r17ytQtyc4BseBkkQdgsS6sYXYuGYIgofwY&U8kx=9rGDCxGh6xBpR61 http://www.amagev.club/dkao/?uTCp=aesDQQjVnk1NplFjny38zOY2c5gOHCiyKviJ6lZu99HOBtJRCj0+iKRxq9F0iuetBDPWBsxJ&U8kx=9rGDCxGh6xBpR61 http://www.successfulhealthcoach.com/dkao/ http://www.nadiarosso.com/dkao/ http://www.nadiarosso.com/dkao/?uTCp=5rjZZIrDmf8HQT5SY+nDIB4GoGBDWQ2X3TTHXxMQpq94isiL42v++a4+dgXFbn9ypDWdd8VT&U8kx=9rGDCxGh6xBpR61 http://www.successfulhealthcoach.com/dkao/?uTCp=oafyDgTRlbeRqGLmBvvKDjtyhevRanROH1bEEpu+meVakeizwSEUg4snONZlkFKqZ9XiU1WZ&U8kx=9rGDCxGh6xBpR61 http://www.goodhey.com/dkao/?uTCp=kKKyE3J80xSjU8JLjpdTs7wNQiraEN87BcQif8T3VbN/JtW6xuqNZqhINOgXnR5tUcu1NjWy&U8kx=9rGDCxGh6xBpR61 http://www.goodhey.com/dkao/ http://www.nigeriawomenawards.com/dkao/	12 Info www.nigeriawomenawards.com(154.201.211.108) www.adrvew.com() www.amagev.club(172.67.144.246) www.successfulhealthcoach.com(103.21.8.203) www.goodhey.com(46.28.105.2) www.nadiarosso.com(185.224.137.126) 46.28.105.2 - mailcious 104.21.95.128 154.201.211.108 103.21.8.203 185.224.137.126 104.21.19.200			10.8	M	22	ZeroCERT

2	2021-07-08 09:24	IMG_10791000016.exe dd51db7619839fd3e1cad9bb78c89dda Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4			14.2	M	28	ZeroCERT

3	2021-07-08 09:24	6011102781032.exe 9e0f0affb0ceabd35d88978d4bd22a79 Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces VMware IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	2 Keyword trend analysis	4			14.4	M	20	ZeroCERT

4	2021-07-08 09:22	xx2p14.exe f2cd90ae3b4307b881aa7512a24ff3d2 PWS Loki[b] Loki[m] Generic Malware DNS AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Software crashed		1			14.4	M	27	ZeroCERT

5	2021-07-08 09:21	bbins22.exe 6ddefaa934f93d73167d08364a040b40 Generic Malware AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key crashed					8.0		25	ZeroCERT

First
1
Last
Total : 5cnts