Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2024-09-30 11:58	1.exe c3c547a2f7ba40a8ccc74c64f56f74bf Generic Malware Malicious Library Malicious Packer ASPack UPX PE File DllRegisterServer dll PE32 OS Processor Check VirusTotal Malware suspicious privilege Creates executable files unpack itself AppData folder sandbox evasion Remote Code Execution					4.0	M	55	ZeroCERT

2	2024-06-16 10:27	3-1.exe 0c52be0ed6803e36100228e2b0671b4a Generic Malware Malicious Library ASPack UPX Malicious Packer AntiDebug AntiVM DllRegisterServer dll PE File PE32 OS Processor Check JPEG Format DLL MZP Format VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder sandbox evasion Tofsee Windows Browser Advertising Google ComputerName Remote Code Execution DNS DDNS crashed keylogger	3 Keyword trend analysis Info http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download	12 Info www.dropbox.com(162.125.84.18) - mailcious drive.usercontent.google.com(142.250.207.97) - mailcious freedns.afraid.org(69.42.215.252) docs.google.com(172.217.25.174) - mailcious xred.mooo.com() - mailcious smtp.163.com(103.129.252.45) 103.129.252.45 142.250.66.129 142.251.222.206 38.147.172.248 69.42.215.252 162.125.84.18 - mailcious	3		15.8	M	63	ZeroCERT

3	2024-06-16 10:26	jiali.exe 6c63f5db1f5beff0a1cb3af035ca3d4c Generic Malware Malicious Packer Malicious Library Downloader ASPack UPX Anti_VM DllRegisterServer dll PE File PE32 OS Processor Check VirusTotal Malware suspicious privilege Creates executable files unpack itself AppData folder sandbox evasion WriteConsoleW installed browsers check Browser Remote Code Execution DNS		4			6.4	M	45	ZeroCERT

4	2024-06-16 10:23	WB.exe 2ca46e1c431bc4a3e5a01921e1e13a50 Emotet Generic Malware Downloader ASPack UPX Malicious Packer Malicious Library Anti_VM AntiDebug AntiVM PE File PE32 DllRegisterServer dll OS Processor Check JPEG Format DLL MZP Format VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory buffers extracted Creates executable files RWX flags setting unpack itself AppData folder sandbox evasion WriteConsoleW installed browsers check Tofsee Windows Browser Advertising Google ComputerName Remote Code Execution DNS DDNS crashed keylogger	3 Keyword trend analysis Info http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978 https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download https://drive.usercontent.google.com/download?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download	13 Info www.dropbox.com(162.125.84.18) - mailcious drive.usercontent.google.com(142.250.206.193) - mailcious freedns.afraid.org(69.42.215.252) docs.google.com(172.217.25.174) - mailcious xred.mooo.com() - mailcious ddos.dnsnb8.net(44.221.84.105) - mailcious 142.250.66.129 44.221.84.105 51.15.193.130 216.58.203.78 38.147.172.248 69.42.215.252 162.125.84.18 - mailcious	2		17.0	M	32	ZeroCERT

First
1
Last
Total : 4cnts