Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-09-09 20:27	linesloters.png 03328209b7e90eb369be9ea61e397fce Malicious Library AntiDebug AntiVM PE File OS Processor Check PE32 Dridex TrickBot VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process IP Check Kovter ComputerName DNS crashed	12 Keyword trend analysis Info http://checkip.amazonaws.com/ https://105.27.205.34/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/5/pwgrabc64/ - rule_id: 5031 https://75.176.235.182/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/5/pwgrabb64/ https://181.129.167.82/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/LbVFVPVfb5LZ5LHJthlplTtHtr/ https://128.201.76.252/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/qCnOnFqZFemSxYDtFyOhK0/ https://179.189.229.254/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/14/user/test22/0/ - rule_id: 5030 https://179.189.229.254/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/5/file/ - rule_id: 5030 https://128.201.76.252/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/14/path/C:%5CUsers%5Ctest22%5CAppData%5CRoaming%5CAnyLiteGames1UKR%5Clinesloters.exe/0/ https://179.189.229.254/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/14/exc/E:%200xc0000005%20A:%200x0000000077919A5A/0/ - rule_id: 5030 https://179.189.229.254/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/14/NAT%20status/client%20is%20behind%20NAT/0/ - rule_id: 5030 https://179.189.229.254/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/VPl9TPtfLZnjvttj5LTTZzTF/ - rule_id: 5030 https://181.129.167.82/rob129/TEST22-PC_W617601.F97E9F96FBBCAFF12D1BFF629355E03B/10/62/UCMKGRRKSBMWO/7/	8	3	6	10.8	M	29	ZeroCERT

2	2021-09-09 09:56	linesloters.png 4f2e675ac43f180075d9b1f3316486f8 Malicious Library AntiDebug AntiVM PE File OS Processor Check PE32 Dridex TrickBot Malware PDB suspicious privilege Code Injection Malicious Traffic buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process IP Check Kovter ComputerName DNS crashed	7 Keyword trend analysis Info https://179.189.229.254/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/14/NAT%20status/client%20is%20behind%20NAT/0/ https://179.189.229.254/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/5/file/ https://179.189.229.254/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/MCxF3JrLYrtTCbjOSF8HBH79R/ https://179.189.229.254/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/14/user/test22/0/ https://105.27.205.34/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/5/pwgrabb64/ https://179.189.229.254/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/14/exc/E:%200xc0000005%20A:%200x0000000077919A5A/0/ https://179.189.229.254/rob129/TEST22-PC_W617601.D4F77BDCB54FCB3B1B575C0A3B4827D7/14/path/C:%5CUsers%5Ctest22%5CAppData%5CRoaming%5CAnyLiteGamesSAOY%5Clinesloters.exe/0/	4	4		8.6	M		ZeroCERT

3	2021-09-09 09:04	linesloters.png ec330c275ef5bc70e187e7d167b03484 Malicious Library AntiDebug AntiVM PE File OS Processor Check PE32 Dridex TrickBot Malware PDB suspicious privilege Code Injection Malicious Traffic buffers extracted RWX flags setting unpack itself Check virtual network interfaces suspicious process IP Check Kovter ComputerName DNS crashed	11 Keyword trend analysis Info http://icanhazip.com/ https://185.56.175.122/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/14/user/test22/0/ https://185.56.175.122/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/5/file/ https://185.56.175.122/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/3sJT83o5WJMcS5vFWYdczdMViZ/ https://185.56.175.122/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/14/NAT%20status/client%20is%20behind%20NAT/0/ https://179.189.229.254/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/tHiBidsluI48eG4clGcD6KL/ https://179.189.229.254/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/14/path/C:%5CUsers%5Ctest22%5CAppData%5CRoaming%5CAnyLiteGamesFXVN%5Clinesloters.exe/0/ https://182.253.210.130/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/5/pwgrabb64/ - rule_id: 3682 https://182.253.210.130/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/5/pwgrabb64/ https://185.56.175.122/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/14/exc/E:%200xc0000005%20A:%200x00000000771D9A5A/0/ https://185.56.175.122/rob129/TEST22-PC_W617601.99B3C97B5F99BD1F3B34A1F586177F69/10/62/XFNRLHZRPDJ/7/	7	4	1	10.4			ZeroCERT

First
1
Last
Total : 3cnts