Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2024-10-16 11:23	center.exe ee2e125214ee4ebef8f570dd6f0d0cc4 Emotet Malicious Library UPX PE File CAB PE32 Lnk Format GIF Format Malware download Dridex VirusTotal Malware AutoRuns PDB Check memory Checks debugger Creates shortcut Creates executable files unpack itself AntiVM_Disk VM Disk Size Check Windows ComputerName Remote Code Execution DNS	8 Keyword trend analysis Info http://www.seetrol.com/update3/STKeyHook.dll http://www.seetrol.com/update3/NetScan.exe http://www.seetrol.com/update3/Seetrol_Clt.exe http://www.seetrol.com/update3/SeetrolClient.exe http://www.seetrol.com/update3/SeetrolMyService.exe http://www.seetrol.com/update3/sthooks.dll http://www.seetrol.com/update3/STUpdate.exe http://www.seetrol.com/update3/sas.dll	3	2		5.8		2	ZeroCERT

2	2023-09-27 17:34	clean.exe 9fa10337d494e4b832b790bd53352fc4 Gen1 Emotet Malicious Library UPX PE File PE32 CAB VirusTotal Malware unpack itself AntiVM_Disk VM Disk Size Check Remote Code Execution crashed					2.0		4	ZeroCERT

3	2023-01-09 10:22	umciavi32.exe e5649ab2c67d8468c964cb286c6624be Gen2 Gen1 Malicious Library UPX PE32 OS Processor Check PE File VirusTotal Malware PDB unpack itself crashed					1.8	M	39	ZeroCERT

4	2022-07-09 14:02	wininit.exe 31e105135a4901bd485731c281d93842 Formbook RAT UPX DNS AntiDebug AntiVM PE32 .NET EXE PE File FormBook Malware download VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted ICMP traffic unpack itself Remote Code Execution	10 Keyword trend analysis Info http://www.sqlite.org/2014/sqlite-dll-win32-x86-3080300.zip http://www.yildizcammozaik.com/ermr/?RP=maHpXnaM3ES7ass047j+rYe7ywkQ6sIa+zMUHRf6FdnjceShe7iWek1xez75wPPKDxHxa+3GAuZSQYRi3X32tWMQtbJuamcH5T3UeOM=&rVBt5x=S0D0XvJ http://www.tengxun25.com/ermr/?RP=z5ztsSeI5c8PZUmmOFrlvI6YQk5Ww6vikgBjsK6bd05DG2ipm65gH2Vt1WL+Vdpj8XLS6S0/NWUU9Zvq3tYOh10aKfRPOQwVF4QX6Zs=&rVBt5x=S0D0XvJ http://www.ifair.ltd/ermr/?RP=/9ZteFs8/UFmHw++OdVafJDrYArXJAudtRtGPwGrOJYhpjVoXCtt1R79ico1t+l9sIsO48u5X6s79atvyvuDYeIqjKi++6JpZ3i1QlQ=&rVBt5x=S0D0XvJ http://www.lastsummercog.com/ermr/?RP=tJUGbX/494rgI5Ijrw67IWZ/LeVBVZprruRYj1fFsvoRhT+RX4E4fdom/CtjJc/F9+5/3ZADUYV6Dgc94tN1/bYfnw7GmWl79lPiqAk=&rVBt5x=S0D0XvJ http://www.086ic.net/ermr/?RP=vDZKFu61WEKSdSwECT48CRbOeIERVglNjABU5qZu2aOebBHSuaGwF9Qqa5FIHr/zyoeZ9Du5ySUjURJUSWUe0yjhmgxjNLNdv+PILPw=&rVBt5x=S0D0XvJ http://www.beautytung.com/ermr/?RP=1ns1t181qN77tTssMapkd67hqOwL8XjGF8TbzlZ9cVD/BWRLjJkrp95DeSkEZZoMVZ/WfuPPYPTfhgozK54iy/+8A8qRCEnDpYsy7PQ=&rVBt5x=S0D0XvJ http://www.glasslabel.store/ermr/?RP=7hdjePkBfZ4/PwtDFh7BRafOUoROVtFGLs3QugxB4+NjQohR4hDKeJ0gWLUZo9UP7GRyEuSo+zfu2y1JhsAmxHFHmQCRQawgcpRSFKA=&rVBt5x=S0D0XvJ http://www.qj-gc.com/ermr/?RP=CMigEYZtSkFiXRSybLBs6JP8TbwU6pIMFyEsc1KW0mbFFZo/BVmv0Zuq/IUS+n8nBaadDccBEqbW69vL6cgXwMsM7G6D9RUmZYHPqKM=&rVBt5x=S0D0XvJ http://www.koreavegancosmetic.com/ermr/?RP=5WnOwryU2Z5saPb0oGGSO0soJdwZ+qZBrMotzPI3zVkuMuhSXcdEeHa6+ajmQncCHRZYZEOsGeG0f4r92F/JhQYx1x7Tnyly5ZZW3q4=&rVBt5x=S0D0XvJ	24 Info www.yildizcammozaik.com(107.160.120.122) www.proteknindo.website(194.233.77.193) www.cuetechkorea.com() www.086ic.net(154.203.146.165) www.lastsummercog.com(162.0.216.69) www.beautytung.com(154.212.126.12) www.qj-gc.com(170.130.195.132) www.glasslabel.store(185.201.8.86) www.sweetpart-0621.com() www.tengxun25.com(156.235.210.134) www.sqlite.org(45.33.6.223) www.ifair.ltd(216.118.232.50) www.koreavegancosmetic.com(14.128.132.150) 194.233.77.193 170.130.195.132 156.235.210.134 14.128.132.150 103.135.248.207 107.160.120.122 154.203.146.165 185.201.8.86 154.212.126.12 45.33.6.223 162.0.216.69 - mailcious	1		10.0	M	25	ZeroCERT

5	2021-05-13 16:03	easyon-1.exe a0b256269745ce17a7782647a66c9428 Emotet PE File PE32 DLL PE64 OS Processor Check Malware download Dridex Malware AutoRuns PDB suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities AntiVM_Disk sandbox evasion WriteConsoleW Firewall state off VM Disk Size Check Windows Remote Code Execution	16 Keyword trend analysis Info http://www.seetrol.com/update3/NetScan.exe http://www.seetrol.com/update3/MirrInst64.exe http://www.seetrol.com/update3/105/x64/dfmirage.dll http://www.seetrol.com/update3/105/x86/dfmirage.sys http://www.seetrol.com/update3/068/dfmirage.sys http://www.seetrol.com/update3/Install.txt http://www.seetrol.com/update3/068/dfmirage.dll http://www.seetrol.com/update3/105/dfmirage.cat http://www.seetrol.com/update3/MirrInst32.exe http://www.seetrol.com/update3/105/dfmirage.inf http://www.seetrol.com/update3/SeetrolCenter.exe http://www.seetrol.com/update3/105/x86/dfmirage.dll http://www.seetrol.com/update3/068/dfmirage.inf http://www.seetrol.com/update3/105/x64/dfmirage.sys http://www.seetrol.com/update3/Uninstall.txt http://www.seetrol.com/update3/068/dfmirage.cat	4	3		8.4			guest

First
1
Last
Total : 5cnts