Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-08-18 18:59	bsnaw83e8cf2a243447619488f24e8... 296686ae5812e910d79d472f6db4f00d Emotet Gen1 UPX Malicious Library AntiDebug AntiVM PE File OS Processor Check DLL PE32 Dridex TrickBot VirusTotal Malware Report suspicious privilege Code Injection Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process IP Check Kovter ComputerName DNS crashed	24 Keyword trend analysis Info http://api.ipify.org/?format=text https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/pwgrabc/sTart%20Run%20D%20failed/0/ - rule_id: 4163 https://179.189.229.254/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/zF5zHLV9nBzvVHjFPdZjvLx/ https://221.147.172.5/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/5/pwgrabc64/ https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/10/62/ZVNJTVDPHZFVJVT/7/ - rule_id: 4163 https://24.162.214.166/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/h8zlsX8sa38PHhoy/ https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/23/100019/ - rule_id: 4163 https://179.189.229.254/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/path/C:%5CUsers%5Ctest22%5CAppData%5CRoaming%5CArhCat73DPHX%5Cxbbsnaw83e8cf2a243447619488f24e84d65eb5nl.dmo/0/ https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/10/62/286902/0/ - rule_id: 4163 https://46.99.175.217/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/LK2c37b09qxNBUkpLCrYdxdkz7tfut6M/ https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/5/file/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/10/62/CVMRSJRCBP/7/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/hl9JBBpXZ7jPlvflrH1hT/ - rule_id: 4163 https://24.162.214.166/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/10/62/RYNKRQCNNCUY/7/ https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/1/7J3JXVPFjlzld5JHRlJjP3z/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/NAT%20status/client%20is%20behind%20NAT/0/ - rule_id: 4163 https://105.27.205.34/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/5/pwgrabb64/ - rule_id: 4162 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/DNSBL/listed/0/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/exc/E:%200xc0000005%20A:%200x0000000077919A5A/0/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/WByrVNYXwVS0xvipEFhPw6UY5D/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/networkDll64/reload1/0/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/1/YkrUQD7ewgKNrHyiATlvSD2usH/ - rule_id: 4163 https://60.51.47.65/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/14/user/test22/0/ - rule_id: 4163 https://221.147.172.5/rob122/TEST22-PC_W617601.99307735BA11F0E33B6B5DD6287F4F23/5/networkDll64/	14 Info 150.134.208.175.b.barracudacentral.org(127.0.0.2) api.ipify.org(50.16.238.218) 150.134.208.175.cbl.abuseat.org() 150.134.208.175.zen.spamhaus.org() 105.27.205.34 - mailcious 46.99.175.217 - mailcious 179.189.229.254 - mailcious 50.16.238.218 5.152.175.57 - mailcious 221.147.172.5 65.152.201.203 - mailcious 60.51.47.65 - mailcious 79.106.115.107 - mailcious 24.162.214.166 - mailcious	5	16 Info https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://105.27.205.34/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/ https://60.51.47.65/rob122/	12.2	M	22	ZeroCERT

First
1
Last
Total : 1cnts