Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-06-14 20:42	sdly_taskpop61.exe bc7522c569863c07247effeed6adda85 Gen2 Gen1 Emotet Anti_VM PE File OS Processor Check PE32 DLL JPEG Format PNG Format MSOffice File PE64 GIF Format VirusTotal Malware PDB suspicious privilege MachineGuid Check memory buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself AppData folder AntiVM_Disk China anti-virtualization VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser ComputerName Remote Code Execution	51 Keyword trend analysis Info http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/log_btn_h.png http://cdn-file-ssl-pc.ludashi.com/pc/cef/CefRes.dll?t=202106142055 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/cir.png http://cdn-file-ssl-wan.ludashi.com/pc/game/flash/pepflashplayer.7z?t=202106142055 http://s.ludashi.com/wan?type=weiduan&action=install&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=8ffeb14d433dcc0c2b98a3cf2716c5f4&from=taskpop_sdly&forcetick=2950015 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/input_log_code.png?t=20191021 http://s.ludashi.com/wan?type=weiduan&action=inst_succ&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=9326e042414b37b0a465d68435568572&from=taskpop_sdly&forcetick=2976109 http://wan.ludashi.com/micro/sdly/index_lds.html?channel=taskpop&from=taskpop_wd_sdly http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/login_tit.png http://s.ludashi.com/wan?type=weiduan&action=install_extra&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=bda3e2d3873bc6b8751a06ecfa64faa6&from=taskpop_sdly&forcetick=2971046 http://s.ludashi.com/wan?type=accurate&action=t1&channel=taskpop&from=taskpop_wd_sdly&mid=fa7bb520099706f4d9615c3663eacc55&appver=3.2.5.61&uid=0&game=sdly×tamp=1623672829177&ex_ary[guid]= http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/log_btn.png http://s.ludashi.com/wan?type=weiduan&action=run&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=bb1adc4f55a84cf7c0830a76e4cfec69&from=taskpop_sdly&forcetick=2978593 http://s.ludashi.com/wan?type=weiduan&action=7z_download_start&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=faf774bde5506632e0936450a2b05bac&from=taskpop_sdly&forcetick=2950062 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/input_reg_act.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/checkbox.png http://s.ludashi.com/wan?type=weiduan&action=res_down_success&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=c8bafc2df3f18850e666c570733e30ee&from=taskpop_sdly&forcetick=2964062 http://s.ludashi.com/wan?type=weiduan&action=add_uninst_item&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=90fc48554d411fc4bdbd8c4cba5dcac7&from=taskpop_sdly&forcetick=2966703 http://i.ludashi.com/ajax/gettoken?user_from=youxi&callback=jQuery18308462895474002294_1623672818022&_=1623672819545 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/input_log_pwd.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/input_reg_code.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/bg.jpg http://wan.ludashi.com/api/CheckGameStatus?callback=jQuery18308462895474002294_1623672818021 http://cdn-file.ludashi.com/assets/sea/sea.js http://cdn-wan.ludashi.com/assets/superjs/config.js?v=20210527 http://s.ludashi.com/wan?type=weiduan&action=main_show&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=5ecbfcbcece4eea0291ea4146880caf7&from=taskpop_sdly&forcetick=2979031 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/main.css http://s.ludashi.com/wan?type=accurate&action=t3&channel=taskpop&from=taskpop_wd_sdly&mid=fa7bb520099706f4d9615c3663eacc55&appver=3.2.5.61&uid=0&game=sdly×tamp=1623672879174&ex_ary[guid]= http://cdn-file.ludashi.com/assets/jquery/jquery183.js http://s.ludashi.com/wan?type=weiduan&action=wd_install_success&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=9816a49d782b4cc6abf68cd3e4f25e57&from=taskpop_sdly&forcetick=2976109 http://wan.ludashi.com/announce/list?callback=jQuery18308462895474002294_1623672818022&type=2&gid=sdly&skip=0&num=5&_=1623672819146 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/nav.png http://s.ludashi.com/wan?type=weiduan&action=add_desk_icon&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=29e0f6a694aea37940ed2c0d91f5f3c5&from=taskpop_sdly&forcetick=2966750 http://s.ludashi.com/wan?type=weiduan&action=7z_download_success&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=222806ca1968aee2104845ac0bb1e961&from=taskpop_sdly&forcetick=2950546 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/upload.jpg http://cdn-file-ssl-wan.ludashi.com/wan/wan/7z.dll http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/third_qq.png http://s.ludashi.com/wan?type=weiduan&action=7z_noexist&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=31673de8d494f02142e1edb517399942&from=taskpop_sdly&forcetick=2950062 http://s.ludashi.com/wan?type=accurate&action=t0&channel=taskpop&from=taskpop_wd_sdly&mid=fa7bb520099706f4d9615c3663eacc55&appver=3.2.5.61&uid=0&game=sdly×tamp=1623672819149&ex_ary[guid]= http://s.ludashi.com/wan?type=accurate&action=t2&channel=taskpop&from=taskpop_wd_sdly&mid=fa7bb520099706f4d9615c3663eacc55&appver=3.2.5.61&uid=0&game=sdly×tamp=1623672849175&ex_ary[guid]= http://s.ludashi.com/wan?type=weiduan&action=inst_open&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=76d90940607a4e1fc8c4e780c107c434&from=taskpop_sdly&forcetick=2971046 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/news-bg.png http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/reg.jpg?t=20200105 http://s.ludashi.com/wan?type=weiduan&action=wd_show_success&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=a77a4190d391498058b650400ce279b4&from=taskpop_sdly&forcetick=2979031 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/input_log_act.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/input_reg_pwd.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/sdly/assets_lds/v1/third_weixin.png http://s.ludashi.com/wan?type=weiduan&action=pepflash_down_success&channel=taskpop&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=3.2.5.61&sign=1eb066f8aee684651bb6886e75ddddec&from=taskpop_sdly&forcetick=2966453 https://cdn-ssl-wan.ludashi.com/assets/superjs/pageMicro.js?v=20210527 https://cdn-ssl-wan.ludashi.com/assets/superjs/modules/commonTool.js?v=20210527 https://cdn-ssl-wan.ludashi.com/assets/superjs/modules/commonLoginApi.js?v=20200810	17 Info cdn-file-ssl-wan.ludashi.com(115.238.192.241) i.ludashi.com(120.27.82.56) cdn-wan.ludashi.com(122.225.67.192) wan.ludashi.com(139.129.105.182) s.ludashi.com(139.224.193.172) cdn-ssl-wan.ludashi.com(115.238.192.242) cdn-file.ludashi.com(115.223.31.227) cdn-file-ssl-pc.ludashi.com(183.136.197.99) 139.129.105.182 47.117.76.201 115.238.192.244 - malware 58.218.203.239 115.238.192.238 183.136.197.100 122.225.67.193 106.15.139.117 120.27.82.56	4		10.4	M	24	ZeroCERT

2	2021-06-14 20:36	bxfgbttp528.exe 048ec3a35503f53f26bba3c4fb831e75 Gen2 Gen1 Emotet Anti_VM PE File OS Processor Check PE32 DLL PNG Format GIF Format MSOffice File JPEG Format PE64 VirusTotal Malware PDB suspicious privilege MachineGuid Check memory buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself AppData folder AntiVM_Disk China anti-virtualization VM Disk Size Check installed browsers check Tofsee Ransomware Windows Browser ComputerName Remote Code Execution	56 Keyword trend analysis Info http://cdn-file.ludashi.com/assets/jquery/jquery183.js http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/input_log_pwd.png?t=20191021 http://s.ludashi.com/wan?type=weiduan&action=res_down_success&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=09e4c113e92485d7bd0ea35e449ca2cb&from=tp_bxfgbt&forcetick=6562218 http://cdn-file-ssl-pc.ludashi.com/pc/cef/CefRes.dll?t=202106142154 http://s.ludashi.com/wan?type=weiduan&action=pepflash_down_success&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=e41ab422ea3ae3a2a30e0e077acbe54a&from=tp_bxfgbt&forcetick=6567343 http://s.ludashi.com/wan?type=accurate&action=t1&channel=tp&from=tp_wd_cqbz_528&mid=fa7bb520099706f4d9615c3663eacc55&appver=7.3.122.441&uid=0&game=cqbz×tamp=1623675350611&ex_ary[guid]= http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/input_reg_pwd.png?t=20191021 http://s.ludashi.com/wan?type=weiduan&action=run&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=0f92d01692483eb8b14909e6aee3093a&from=tp_bxfgbt&forcetick=6576750 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/bg.jpg http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/nav04.png http://s.ludashi.com/wan?type=accurate&action=t0&channel=tp&from=tp_wd_cqbz_528&mid=fa7bb520099706f4d9615c3663eacc55&appver=7.3.122.441&uid=0&game=cqbz×tamp=1623675340587&ex_ary[guid]= http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/checkbox.png http://s.ludashi.com/wan?type=weiduan&action=7z_download_start&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=90d869f729ff49e7f971ac326c8fc8eb&from=tp_bxfgbt&forcetick=6549921 http://s.ludashi.com/wan?type=weiduan&action=inst_succ&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=fb54bb467e8e2a384382178498dba283&from=tp_bxfgbt&forcetick=6575406 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/main.css?t=20210323 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/button_right.png http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/log_btn.png http://s.ludashi.com/wan?type=weiduan&action=add_desk_icon&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=0ba4bb5ca840211a1dbd0c85cdfccb35&from=tp_bxfgbt&forcetick=6567640 http://s.ludashi.com/wan?type=weiduan&action=wd_show_success&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=8931bd48b499e6542e1fc0624dfb45f1&from=tp_bxfgbt&forcetick=6577062 http://cdn-file-ssl-wan.ludashi.com/pc/game/flash/pepflashplayer.7z?t=202106142155 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/line.png http://cdn-file.ludashi.com/assets/sea/sea.js http://s.ludashi.com/wan?type=accurate&action=t3&channel=tp&from=tp_wd_cqbz_528&mid=fa7bb520099706f4d9615c3663eacc55&appver=7.3.122.441&uid=0&game=cqbz×tamp=1623675400610&ex_ary[guid]= http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/nav03.png http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/nav01.png http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/third_qq.png http://wan.ludashi.com/announce/list?callback=jQuery18304147616895588053_1623675339769&type=2&gid=cqbz&skip=0&num=5&_=1623675340581 http://i.ludashi.com/ajax/gettoken?user_from=youxi&callback=jQuery18304147616895588053_1623675339769&_=1623675340758 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/input_reg_code.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/news-bg.png http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/hovers.png http://wan.ludashi.com/micro/cqbz/index_lds.html?channel=tp&from=tp_wd_cqbz_528 http://wan.ludashi.com/api/CheckGameStatus?callback=jQuery18304147616895588053_1623675339768 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/input_log_code.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/input_reg_act.png?t=20191021 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/cir.png http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/button_left.png http://s.ludashi.com/wan?type=weiduan&action=install_extra&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=3cc5f800abb63dcaaa967db280a83cde&from=tp_bxfgbt&forcetick=6572390 http://s.ludashi.com/wan?type=weiduan&action=install&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=a4ab4e8b0d0ebb8e86ff45bf61ad68de&from=tp_bxfgbt&forcetick=6549875 http://cdn-file-ssl-wan.ludashi.com/wan/wan/7z.dll http://s.ludashi.com/wan?type=accurate&action=t2&channel=tp&from=tp_wd_cqbz_528&mid=fa7bb520099706f4d9615c3663eacc55&appver=7.3.122.441&uid=0&game=cqbz×tamp=1623675370611&ex_ary[guid]= http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/nav02.png http://s.ludashi.com/wan?type=weiduan&action=7z_noexist&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=bac4e342ad13022924b63b5c8737d92e&from=tp_bxfgbt&forcetick=6549921 http://cdn-wan.ludashi.com/assets/superjs/config.js?v=20210527 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/input_log_act.png?t=20191021 http://s.ludashi.com/wan?type=weiduan&action=wd_install_success&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=44d0198664d9f141a41b3cadb631807f&from=tp_bxfgbt&forcetick=6575406 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/third_weixin.png http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/reg.jpg?t=20200105 http://s.ludashi.com/wan?type=weiduan&action=main_show&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=f74f40d9d3f7dbe214107a02d0d4fb24&from=tp_bxfgbt&forcetick=6577062 http://cdn-file.ludashi.com/wan/micro/cqbz/assets_lds/upload.jpg http://s.ludashi.com/wan?type=weiduan&action=inst_open&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=a3b538ce7be1874ff2b72dd5f4b1b0f1&from=tp_bxfgbt&forcetick=6572437 http://s.ludashi.com/wan?type=weiduan&action=add_uninst_item&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=73c11adea036dd12475c14c07aea8ada&from=tp_bxfgbt&forcetick=6567609 http://s.ludashi.com/wan?type=weiduan&action=7z_download_success&channel=tp&mid=fa7bb520099706f4d9615c3663eacc55&mid2=c2a9b458c8eb84d52f3369329facb48b9ff9f7ac2b54&uid=d&appver=&modver=7.3.122.441&sign=c06884edfdac858faffcab21f28b1f7e&from=tp_bxfgbt&forcetick=6550437 https://cdn-ssl-wan.ludashi.com/assets/superjs/pageMicro.js?v=20210527 https://cdn-ssl-wan.ludashi.com/assets/superjs/modules/commonTool.js?v=20210527 https://cdn-ssl-wan.ludashi.com/assets/superjs/modules/commonLoginApi.js?v=20200810	16 Info cdn-file-ssl-wan.ludashi.com(115.231.152.239) i.ludashi.com(120.27.82.56) cdn-wan.ludashi.com(122.225.67.189) wan.ludashi.com(139.129.105.182) s.ludashi.com(106.15.48.27) cdn-ssl-wan.ludashi.com(115.238.192.244) cdn-file.ludashi.com(115.223.31.230) cdn-file-ssl-pc.ludashi.com(115.231.155.197) 139.129.105.182 122.228.1.208 58.218.203.238 106.15.136.209 115.238.192.241 47.117.70.170 220.189.197.2 120.27.82.56	3		10.4	M	20	ZeroCERT

First
1
Last
Total : 2cnts