Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
9976	2020-10-19 17:55	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9977	2020-10-19 17:25	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9978	2020-10-19 17:18	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Dridex TrickBot Vulnerability VirusTotal Malware MachineGuid Code Injection Malicious Traffic Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Kovter Windows Exploit DNS crashed	3 Keyword trend analysis Info http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://docsecure.top/xls/00999212.xls https://194.36.191.177/sim/sim.php?Rd=Nb&Rf=fb5f7e13&Rk=test22-PC@@TEST22-PC@@test22@@*192.168.56.101%3A%3A%5B00000007%5D%20Intel%28R%29%20PRO/1000%20MT%20Desktop%20Adapter@@Standalone%20Workstation@@@@no%20LDAP%3B%3ASUM%3A0%3A&1790317629	5	4		8.8	M		guest

9979	2020-10-19 17:07	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9980	2020-10-19 16:27	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9981	2020-10-19 16:13	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9982	2020-10-19 16:05	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9983	2020-10-19 15:18	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	4	2		7.8	M		guest

9984	2020-10-19 15:01	test.html d41d8cd98f00b204e9800998ecf8427e Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3		3.8			guest

9985	2020-10-19 13:18	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Dridex TrickBot Vulnerability VirusTotal Malware MachineGuid Code Injection Malicious Traffic Checks debugger exploit crash unpack itself Windows utilities malicious URLs suspicious TLD Tofsee Kovter Windows Exploit DNS crashed	3 Keyword trend analysis Info http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://docsecure.top/xls/00999212.xls https://194.36.191.177/sim/sim.php?Rd=Nb&Rf=fb5f7e13&Rk=test22-PC@@TEST22-PC@@test22@@*192.168.56.101%3A%3A%5B00000007%5D%20Intel%28R%29%20PRO/1000%20MT%20Desktop%20Adapter@@Standalone%20Workstation@@@@no%20LDAP%3B%3ASUM%3A0%3A&1951826145	5	4		8.8	M		guest

9986	2020-10-19 11:16	https://docsecure.top/xls/0099... fd26ed0c60e78722e574799704209d23 Vulnerability VirusTotal Malware MachineGuid Code Injection Checks debugger exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	2	2		7.0	M		admin

9987	2020-10-19 11:16	https://docsecure.top/111.exe ff47e6eb2602178a4306e4fcecb15b7d Dridex TrickBot ENERGETIC BEAR VirusTotal Malware Report suspicious privilege Code Injection buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Kovter Windows Exploit ComputerName DNS crashed	2 Keyword trend analysis	7	8 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET CNC Feodo Tracker Reported CnC Server group 13 ET CNC Feodo Tracker Reported CnC Server group 24 ET DNS Query to a *.top domain - Likely Hostile ET CNC Feodo Tracker Reported CnC Server group 1 ET CNC Feodo Tracker Reported CnC Server group 23 ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O)		8.4			admin

9988	2020-10-19 11:13	OperaSetup.exe ff4661ec5bef09ac7fcf479c933d2d81 Malware Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder AntiVM_Disk VM Disk Size Check Tofsee Remote Code Execution DNS	5 Keyword trend analysis Info https://autoupdate.geo.opera.com/v2/netinstaller/Stable/windows/x64 https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://autoupdate.geo.opera.com/geolocation/ https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://download.opera.com/download/get/?id=51078&autoupdate=1&ni=1&stream=stable&utm_campaign=(direct)_via_opera_com_https&utm_medium=doc&utm_site=opera_com&utm_source=(direct)_via_opera_com&utm_tryagain=yes&niuid=9ff42522-a862-4912-b63e-6c2e545f3ad4 https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://download.opera.com/download/get/?id=51081&autoupdate=1&ni=1 https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary https://desktop-netinstaller-sub.osp.opera.software/v1/binary	4	1		5.4			guest

9989	2020-10-19 10:55	https://docsecure.top/xls/0051... 1857ec35df81a3cb7fe02c9382ba3be7 Dridex TrickBot Vulnerability VirusTotal Malware MachineGuid Code Injection Malicious Traffic Checks debugger exploit crash unpack itself Windows utilities Tofsee Kovter Windows Exploit DNS crashed	3 Keyword trend analysis Info http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://docsecure.top/xls/00517069.xls https://194.36.191.177/sim/sim.php?Rd=Nb&Rf=fb5f7e13&Rk=test22-PC@@TEST22-PC@@test22@@*192.168.56.101%3A%3A%5B00000007%5D%20Intel%28R%29%20PRO/1000%20MT%20Desktop%20Adapter@@Standalone%20Workstation@@@@no%20LDAP%3B%3ASUM%3A0%3A&1623214863	3	4		7.2	M		admin

9990	2020-10-19 10:53	Document13177.xlsb 136d90dfdc8d28ccfc090f1d09c9bd18 Dridex Malware Creates executable files unpack itself malicious URLs Tofsee DNS	1 Keyword trend analysis	1	3		4.6			guest

First
Previous
661
662
663
664
665
666
667
668
669
670
Next
Last
Total : 10,206cnts