Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1	2021-09-14 10:04	New_592108806100xls.exe 9721889aa569e1cfd50d9578572d514c RAT PWS .NET framework Generic Malware Antivirus PE File .NET EXE PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger WMI Creates shortcut ICMP traffic unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key crashed		4			8.6	M	15	ZeroCERT

2	2021-09-14 10:00	re_85412000040631.exe 2c0b0eefba55c2f87d69a6bf911393ee RAT PWS .NET framework Generic Malware Antivirus AntiDebug AntiVM PE File .NET EXE PE32 FormBook Malware download VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut ICMP traffic unpack itself powershell.exe wrote suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed	5 Keyword trend analysis Info http://www.blackboardlearner.com/wdhc/?t8r8=TBF4QF9io4sSEQmCaBQoZ+5gW212XRfd7333SE9A7ljtF1YvNAZ7G85Xeo7ZifkM4xIsMZPi&9r4P-=J4k0 http://www.vz183.com/wdhc/?t8r8=dP5g+++wT75Jt3/cY7q9jIHsNYxd3EvZpJ+2BwK6sR70h/TJSvWUFQgeFwX3dpAq0q6prhJP&9r4P-=J4k0 http://www.voicemytee.com/wdhc/?t8r8=zpZhyM68unR/dn3W++GZFm0vSNLYQKlzt1iU/GG0JzJMoZEEO2+nJXmHVsreE2sZlyW9Q7MC&9r4P-=J4k0 http://www.mbiflhomes.com/wdhc/?t8r8=6X6gv0jEg76ASOBM1UkoKcsElCgy8dCWXCUxkH+5gzcTQlMUKHIC+4bLc3oH4yv61qQbxYm1&9r4P-=J4k0 http://www.mariguanamexico.com/wdhc/?t8r8=IK+H3nEtbKVHI9tawXjAeQb5d9H9tD4CP46R62AD6egfawQ/s52exRcKhVKUDRoX73kchjTB&9r4P-=J4k0	16 Info www.google.com(172.217.31.164) www.vz183.com(34.102.136.180) www.youtube.com(172.217.175.46) www.idchords.com(154.222.227.25) www.voicemytee.com(23.227.38.74) www.mbiflhomes.com(162.241.244.121) www.blackboardlearner.com(72.14.178.174) www.mariguanamexico.com(209.99.40.222) 72.14.185.43 209.99.40.222 - mailcious 34.102.136.180 - mailcious 154.222.227.25 142.250.199.78 142.250.66.36 23.227.38.74 - mailcious 162.241.244.121	1		13.2	M	28	ZeroCERT

3	2021-09-14 09:56	Re_904656001200037xls.exe bc2b9bca947ae4fa75b70d0ee7ebf69e RAT PWS .NET framework Generic Malware Antivirus AntiDebug AntiVM PE File .NET EXE PE32 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut ICMP traffic RWX flags setting unpack itself powershell.exe wrote suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed		4			12.0	M	16	ZeroCERT

First
1
Last
Total : 3cnts