Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2023-08-17 18:25	%E4%B8%80%E9%94%AE%E9%87%8D%E8... f9d4a14f2de2540ca26fc868055c65b3 Emotet Gen1 Generic Malware PhysicalDrive Malicious Library UPX Malicious Packer MPRESS ASPack Anti_VM OS Processor Check PE File ftp PE32 DLL MZP Format ZIP Format PE64 Lnk Format GIF Format VirusTotal Malware PDB suspicious privilege Check memory buffers extracted WMI Creates shortcut Creates executable files RWX flags setting unpack itself AppData folder AntiVM_Disk VM Disk Size Check ComputerName Remote Code Execution Firmware	6 Keyword trend analysis Info http://jsy.newitboy.com/wllinfo/newoemjsyunion/oemsq.dat http://tjonekeynew.klmsdn.com/?ver=8.23.6.20&osver=WIN7_64&sfmark=ai&oem=sq×tamp=1692298582-1&start=1&diskinfo=nospace&kernelver=6.1.7601.17514&product=Oracle%20Corporation_VirtualBox http://ia.51.la/go1?id=21680199&rt=1692298586542&rl=1024*768&lang=en-us&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=32&ds=&ing=1&ekc=&sid=1692298586542&tt=%25E6%2581%25AD%25E5%2596%259C%25EF%25BC%258C%25E7%25AB%2599%25E7%2582%25B9%25E5%2588%259B%25E5%25BB%25BA%25E6%2588%2590%25E5%258A%259F%25EF%25BC%2581&kw=&cu=http%253A%252F%252Ftjonekeynew.klmsdn.com%252F%253Fver%253D8.23.6.20~_~osver%253DWIN7_64~_~sfmark%253Dai~_~oem%253Dsq~_~timestamp%253D1692298582-1~_~start%253D1~_~diskinfo%253Dnospace~_~kernelver%253D6.1.7601.17514~_~product%253DOracle%2520Corporation_VirtualBox&pu= http://js.users.51.la/21680199.js https://hm.baidu.com/hm.js?1b7b7736d7138eb27990166b18aaaa6e https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=32-bit&ds=1024x768&vl=496&et=0&ja=1&ln=en-us&lo=0&rnd=1141383092&si=1b7b7736d7138eb27990166b18aaaa6e&v=1.3.0&lv=1&sn=53817&r=0&ww=679&u=http%3A%2F%2Ftjonekeynew.klmsdn.com%2F%3Fver%3D8.23.6.20%26osver%3DWIN7_64%26sfmark%3Dai%26oem%3Dsq%26timestamp%3D1692298582-1%26start%3D1%26diskinfo%3Dnospace%26kernelver%3D6.1.7601.17514%26product%3DOracle%20Corporation_VirtualBox&tt=%E6%81%AD%E5%96%9C%EF%BC%8C%E7%AB%99%E7%82%B9%E5%88%9B%E5%BB%BA%E6%88%90%E5%8A%9F%EF%BC%81	13 Info tj.klmsdn.com(101.34.214.169) www.services-1222.info() hm.baidu.com(103.235.46.191) - mailcious jsy.newitboy.com(113.207.69.190) ia.51.la(42.236.73.39) js.users.51.la(42.236.73.41) - mailcious tjonekeynew.klmsdn.com(36.248.64.77) 42.236.73.38 101.34.214.169 42.236.74.130 42.56.78.61 103.235.46.191 - mailcious 61.243.158.194			9.4	M	20	ZeroCERT

First
1
Last
Total : 1cnts