Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-10-14 16:52	New Order.exe 76ce20e50cfef6b8e5397b581105ba95 PWS .NET framework Generic Malware UPX Antivirus DNS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Malware download Nanocore Malware c&c powershell Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		3	2		14.8			ZeroCERT

2	2021-10-14 16:47	EXPORT DOCUMENTS_CMR_INVOICE_I... 0a3212c04eeaed201c4038ab6dd3631b Generic Malware UPX Antivirus DNS AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities suspicious process WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS		3	1		14.2			ZeroCERT

3	2021-10-14 09:36	deo.exe 6429aa83e4bc083b4f0b3f44b0d7950f PWS .NET framework Generic Malware UPX AntiDebug AntiVM PE File PE32 OS Processor Check .NET EXE FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself	16 Keyword trend analysis Info http://www.clf010.com/ef6c/ http://www.szesdkj.com/ef6c/ - rule_id: 5830 http://www.xn--9m1bq8wgkag3rjvb.com/ef6c/ http://www.shacksolid.com/ef6c/ - rule_id: 5818 http://www.pgonline111.online/ef6c/ - rule_id: 5822 http://www.szesdkj.com/ef6c/?KzuD=fLa1O6LgDU4JmATAWF+Un0DhSyi8xEXua0Xgw1gdYMhmHbBdgR9nT+JgCDSJbt7Dlll1cLDk&p0D=AfhDQR2 - rule_id: 5830 http://www.ambrandt.com/ef6c/ - rule_id: 5836 http://www.clf010.com/ef6c/?KzuD=Bd/A1B2Xlx1/VvyPmZy81MokZhoyKr0JLZIYHKA2ldK2bxVDj61bbzDCW/TjJZTPQA/hnmk/&p0D=AfhDQR2 http://www.szyyglass.com/ef6c/?KzuD=WJZ/PBlgU2sqxbhuKWSW0gAF450CRpcifwWN2Hn02+HJZd2OB2qk7jd6844pcDa/ZUIS0tAu&p0D=AfhDQR2 - rule_id: 5843 http://www.apricitee.com/ef6c/?KzuD=KSHN/72BZOSNcoSkGOIXNFBSZoOhZSSqcZXlNpA3fA8LE+ARMJMD6XqqXDR03XtMsLmcqmrd&p0D=AfhDQR2 - rule_id: 5837 http://www.xn--9m1bq8wgkag3rjvb.com/ef6c/?KzuD=W0zrjLjT8XBGRo9sU3Dn88XRkC7FXpf2/JIGBr0tRLYlauEco6w7O/7mFeuMH7lv+B4uIItN&p0D=AfhDQR2 http://www.pgonline111.online/ef6c/?KzuD=YwrbNwP1/uOx/t5EQbsAb0agM3IyucVno+6hj+S4img8g2n6a6v8t37VHfacQRvRoazZ9RvI&p0D=AfhDQR2 - rule_id: 5822 http://www.szyyglass.com/ef6c/ - rule_id: 5843 http://www.shacksolid.com/ef6c/?KzuD=JeohSOzV/eF3b++alSWyFy7AWxQU0a2IMxUYSulMFNSbZpwQl2hdImGcJZ3OYLlpDcL1Ncux&p0D=AfhDQR2 - rule_id: 5818 http://www.apricitee.com/ef6c/ - rule_id: 5837 http://www.ambrandt.com/ef6c/?KzuD=LpvmmmP8130l+/J4QjVaSApGnUfMJ5/j1z/KRz5qiZs92IprYNoIBOkfulD2ZI4sCy4j1IwA&p0D=AfhDQR2 - rule_id: 5836	19 Info www.pgonline111.online(13.251.172.64) www.xn--9m1bq8wgkag3rjvb.com(221.139.49.11) www.csspadding.com() - mailcious www.shacksolid.com(64.190.62.111) www.szesdkj.com(170.130.13.86) www.test-testjisdnsec.store() www.szyyglass.com(172.120.106.61) www.apricitee.com(172.65.227.72) www.geniuseven.net() www.ambrandt.com(156.234.138.25) www.clf010.com(45.39.212.188) 172.120.106.61 - mailcious 170.130.13.86 - mailcious 156.234.138.25 - mailcious 64.190.62.111 - mailcious 221.139.49.11 172.65.227.72 - mailcious 13.251.172.64 - mailcious 45.39.212.188	1	12 Info http://www.szesdkj.com/ef6c/ http://www.shacksolid.com/ef6c/ http://www.pgonline111.online/ef6c/ http://www.szesdkj.com/ef6c/ http://www.ambrandt.com/ef6c/ http://www.szyyglass.com/ef6c/ http://www.apricitee.com/ef6c/ http://www.pgonline111.online/ef6c/ http://www.szyyglass.com/ef6c/ http://www.shacksolid.com/ef6c/ http://www.apricitee.com/ef6c/ http://www.ambrandt.com/ef6c/	8.2	M	18	ZeroCERT

First
1
Last
Total : 3cnts