Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
31	2020-07-20 13:33	23d3382.hta d8c6560478cca57bb84a2c37228c44bf Malware Code Injection Malicious Traffic unpack itself Windows utilities malicious URLs Tofsee Windows DNS	2 Keyword trend analysis Info https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:3853635478&cup2hreq=92a7148437394b58f7ec4abd157fc4e0117c52535a660c1e0d7b4db923123f53	2	1		4.0

32	2020-07-20 13:39	index.doc b60e35e93dbbbc16b3e578ec6645c562 Vulnerability VirusTotal Malware Malicious Traffic unpack itself Tofsee DNS	5 Keyword trend analysis Info http://www.szhealthshield.com/websiteguide/k82i/ https://digitalcon7.net/wp-snapshots/0Wn/ https://exam.ylsbmeirong.com/data/tjEyH973/ https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:616390958&cup2hreq=a32c267c8d5d3ad228c9b82cbf2e70cb8d8956df84658eec24e35e7161705363	8	1		6.0	M	37

33	2020-07-20 14:01	http://agoty.org/wp-content/up... b60e35e93dbbbc16b3e578ec6645c562 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis Info http://agoty.org/wp-content/uploads/1569700949_aQmJGB6jChk2g_6711054_esaD78/e0n1mn2x_6ygf_41wR_vLbhodeZ/05uoy_108vytsx7/ https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	2	1		4.0	M

34	2020-07-20 14:06	23d3382.hta d8c6560478cca57bb84a2c37228c44bf Malware Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs human activity check Tofsee Interception ComputerName DNS	5 Keyword trend analysis Info http://www.hajjinfo-org.tar-gz.net/plugins/15984/11992/true/true/ http://swupmf.adobe.com/manifest/60/win/reader9rdr-en_US.upd http://swupmf.adobe.com/manifest/60/win/AdobeUpdater.upd http://www.hajjinfo-org.tar-gz.net/cgi/8ee4d36866/15984/11992/28673f34/file.hta https://cdn-m1l.net/202/n0gbg3QzgawhZHfdd8e5v2uXl2Q6dymqpyraEjMN/15984/11992/1b31ea0f	3	2		6.6

35	2020-07-20 14:15	23d3382.hta d8c6560478cca57bb84a2c37228c44bf Browser Info Stealer Malware Code Injection Malicious Traffic Check memory Checks debugger buffers extracted RWX flags setting exploit crash unpack itself Check virtual network interfaces malicious URLs installed browsers check Tofsee Exploit Browser ComputerName DNS crashed	3 Keyword trend analysis	2	2		8.8

36	2020-07-20 14:27	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg	3	3		4.6

37	2020-07-20 14:33	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/favicon.ico http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/CSS/css/lightslider.css	3	3		4.6

38	2020-07-20 15:11	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware AutoRuns suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Tofsee Ransomware Interception Windows Exploit Browser ComputerName DNS crashed	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update?v=5.8&ID=BE3FEB0E973D1245B7E64DE6F6CD049C&lang=en-US http://client.winamp.com/update/client_session.php?v=5.8&ID=BE3FEB0E973D1245B7E64DE6F6CD049C&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=BE3FEB0E973D1245B7E64DE6F6CD049C&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update/latest-version.php?v=5.8&ID=BE3FEB0E973D1245B7E64DE6F6CD049C&lang=en-US http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	4	2		15.2

39	2020-07-20 15:22	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/CSS/mainC.css	3	3		4.6

40	2020-07-20 15:36	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://www.nalara1220.o-r.kr/favicon.ico	4	3		5.2

41	2020-07-20 15:53	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/CSS/mainC.css http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg	3	3		4.6

42	2020-07-20 16:10	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/main.jpg http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/favicon.ico http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/CSS/css/lightslider.css	3	3		4.6

43	2020-07-20 16:17	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/main.jpg http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/main.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/CSS/mainC.css	8	3		4.6

44	2020-07-20 16:24	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://www.nalara1220.o-r.kr/CSS/mainC.css http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/favicon.ico http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	3	3		4.6

45	2020-07-20 16:29	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	11 Keyword trend analysis Info http://www.nalara1220.o-r.kr/main.jpg http://www.nalara1220.o-r.kr/CSS/mainC.css http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/intro/bizintro_soca1.jpg http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/intro/bizintro_soca2.jpg http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/favicon.ico	3	3		4.6

First
Previous
1
2
3
4
5
6
7
8
9
10
Next
Last
Total : 10,197cnts