Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2024-09-03 09:04	EvolutInjector.exe 34563cc2fcd4e6e5b0063cbc0ffce9c1 Malicious Packer UPX PE File PE32 OS Processor Check VirusTotal Malware DNS		1			1.8		25	ZeroCERT

2	2023-07-28 17:40	postmon.exe 8bdd901591eb90456ad781e3c79bb4ad Generic Malware UPX Malicious Library Malicious Packer Antivirus OS Processor Check PE File PE32 PowerShell Malware download VirusTotal Malware powershell suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder WriteConsoleW Windows ComputerName Remote Code Execution DNS Cryptographic key Downloader	10 Keyword trend analysis Info http://elturky.net/ERP/public/js/cc4.exe http://38.180.1.27/index.php?id=017bd04f-b3bf-45b6-8167-9e8f41ff87bf&subid=HnTgSX1R - rule_id: 34768 http://elturky.net/ERP/public/js/cc5.exe http://elturky.net/ERP/public/js/cc3.php http://elturky.net/ERP/public/js/debug2.ps1 http://elturky.net/ERP/public/js/cc3.exe http://elturky.net/ERP/public/js/dd_64.exe http://elturky.net/ERP/public/js/cc2.php http://elturky.net/ERP/public/js/cc1.php http://elturky.net/ERP/public/js/cc2.exe	3	2	1	10.0	M	57	ZeroCERT

3	2023-06-22 10:36	postmon.exe f7d6bd06f96439787aa170983ab55c3e Gen2 Generic Malware UPX Malicious Library Malicious Packer Antivirus OS Processor Check PE File PE32 PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName Remote Code Execution DNS Cryptographic key	10 Keyword trend analysis Info http://195.123.226.82/index.php?id=017bd04f-b3bf-45b6-8167-9e8f41ff87bf&subid=6MdhbTcM https://sungeomatics.com/css/colors/cc2.exe https://sungeomatics.com/css/colors/cc1.php https://sungeomatics.com/css/colors/cc4.exe https://sungeomatics.com/css/colors/debug2.ps1 https://sungeomatics.com/css/colors/cc5.exe https://sungeomatics.com/css/colors/dd_64.exe https://sungeomatics.com/css/colors/cc3.exe https://sungeomatics.com/css/colors/cc2.php https://sungeomatics.com/css/colors/cc3.php	3	1		10.0		48	ZeroCERT

4	2023-03-09 10:04	sqlcmd.exe fc4462b1448b7db9f905be31b1bb288d Generic Malware UPX Malicious Library Malicious Packer Antivirus OS Processor Check PE32 PE File PowerShell VirusTotal Malware powershell suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder WriteConsoleW Tofsee Windows ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	4	2		10.0	M	33	ZeroCERT

First
1
Last
Total : 4cnts