Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2022-01-20 10:40	Document_019827736.exe c8ac277fb045754c22f7a349e76b660f PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4			14.0	M	44	ZeroCERT

2	2022-01-20 10:39	49r4e5lah2sztqb.exe 82ae4ac0c2bfe907f9645b411cef0ab4 PWS .NET framework Generic Malware SMTP KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces IP Check Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4			14.0	M	46	ZeroCERT

3	2022-01-11 10:29	vbc.exe 97ccf6ebd6abe7786677f0e6e6b8aef0 RAT PWS .NET framework Generic Malware Antivirus AntiDebug AntiVM PE File PE32 .NET EXE FormBook Malware download VirusTotal Malware powershell PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key	7 Keyword trend analysis Info http://www.bsauksjon.com/nt3f/?GVIP=StlFUnk4wzjTnbp09ZFPbEIp4u0ry2qey7hFHFyv3YIn7p8uZqYxCMZfdHDqdFDBwTTpWzRm&tzr4=jlIDUdgX_ZnH9D http://www.comment-changer-sa-vie.com/nt3f/?GVIP=QNIPywOvUFlAC2QTWNjsCI3IpHtNKfuQ9uBpR80qgvQLcDduTPmxZ7XDh6SnVUeEy/HMRhaT&tzr4=jlIDUdgX_ZnH9D http://www.spacezanome.xyz/nt3f/?GVIP=qWpm9f79C0TxsxjVAMsIztBX9N23mT+I4zI/hudLTAuSmKBmbFIF9CbFrsQ9agqRRqtelvrr&tzr4=jlIDUdgX_ZnH9D http://www.elainemaxwellcoaching.com/nt3f/?GVIP=WCGiuzTZendY8otT5ciItqlYc2TVe3pH9Q7CsMjG7CDTs2E/eL1aFK9BXSIG0VIhNkfSQ70p&tzr4=jlIDUdgX_ZnH9D http://www.wisteria-pavilion.com/nt3f/?GVIP=8ao14cF3C0VyHrVB9d81+eQUJ2NsI+J1YOOHWDEbCV/j+/CHV5hoHcyE4RcWwqVyYuRrdO73&tzr4=jlIDUdgX_ZnH9D http://www.landbanking.global/nt3f/?GVIP=trjiMTZ0Wfi0S4aQlORMjDKEp+1PeSz+32WZEglPev4YoRsHgXI2ikz8+KhcX6E7cvIxl+eh&tzr4=jlIDUdgX_ZnH9D http://www.digitalgoldcryptostock.net/nt3f/?GVIP=zOEqxmpAWea6eBSpoYfp9rSxecxdcTynEay3lJhDVIet1TR9Cb1V70uuJSMzSBpGSSab4V51&tzr4=jlIDUdgX_ZnH9D	14 Info www.spacezanome.xyz(64.190.62.111) www.comment-changer-sa-vie.com(154.196.7.103) www.wisteria-pavilion.com(172.67.191.3) www.landbanking.global(192.99.206.41) www.bsauksjon.com(160.124.105.200) www.elainemaxwellcoaching.com(64.98.145.30) www.digitalgoldcryptostock.net(23.94.191.226) 64.98.145.30 - mailcious 160.124.105.200 104.21.89.185 154.196.7.103 192.99.206.41 23.94.191.226 - mailcious 64.190.62.111 - mailcious	3		11.8	M	27	ZeroCERT

First
1
Last
Total : 3cnts