Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
10006	2020-10-13 18:26	invoice.exe 9448a7e12108858e1e48097be290987b Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger	2 Keyword trend analysis	2	1		16.2		21	guest

10007	2020-10-13 18:25	http://eddyholdingshuttle.co.z... 9448a7e12108858e1e48097be290987b Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Windows utilities Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Windows Exploit Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	6 Keyword trend analysis	5	3		17.6			guest

10008	2020-10-13 16:51	https://bitbucket.org/soyag/la... b034a3ff4284b5b549d1c55387207229 Dridex Malware Code Injection unpack itself Windows utilities malicious URLs Tofsee Windows DNS		1	3		2.8			guest

10009	2020-10-13 11:22	http://www.advisertours.com/08... ca26ad3cfd67703c3e7a4855407725b5 Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed	3 Keyword trend analysis	2	4		5.0	M	46	admin

10010	2020-10-13 10:23	47694201-20200919-YB449177.doc 4c99a6917c48b0dc5f30045683c43840 ENERGETIC BEAR Vulnerability VirusTotal Malware Report Malicious Traffic unpack itself malicious URLs Tofsee Windows DNS	1 Keyword trend analysis	8	8 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET CNC Feodo Tracker Reported CnC Server group 19 ET CNC Feodo Tracker Reported CnC Server group 24 ET CNC Feodo Tracker Reported CnC Server group 11 ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP ET CNC Feodo Tracker Reported CnC Server group 17		6.8		42	guest

10011	2020-10-13 09:50	cr.exe d39be521d865df3ab5f3142e22427167 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger	2 Keyword trend analysis	2	1		12.2		27	guest

10012	2020-10-13 09:29	magi.jpg.exe 6f09c7f423232ef509f90e66b1146a50 VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	3 Keyword trend analysis	2	1		16.6	M	34	guest

10013	2020-10-09 10:02	http://popcash.net/world/go/18... 69f7b51e3f887ef9139b43b846a49cfd Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	7 Keyword trend analysis Info http://chipdie.site/ http://ps.popcash.net/ad/ad?p=181821&w=589043&t=9bc74964fd6ccb57&r=&vw=0&vh=0 http://ps.popcash.net/go/181821/589043 http://popcash.net/world/go/181821/589043 http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://eu.dspultra.com/api/submit_form_request?p=204dca5a-0295-4f86-9478-9570c391faa4&ts=1602205208&z=3294095 http://eu.dspultra.com/api/win_request?sw=1365&sh=1024&ww=1387&wh=992&wiw=1365&wih=899&rf=http%3A%2F%2Fps.popcash.net%2Fgo%2F181821%2F589043&ad_scheme=1&x=1365&y=899&wx=-11&wy=-11&wfc=0&pl=http%3A%2F%2Feu.dspultra.com%2Fapi%2Fsubmit_form_request%3Fp%3D204dca5a-0295-4f86-9478-9570c391faa4%26ts%3D1602205208%26z%3D3294095%23pc303160&np=-1&pt=0&nb=0&ng=1&dm=undefined&cf=1&co=0&ix=0&fs=1&timeout=0&p=204dca5a-0295-4f86-9478-9570c391faa4	5	3		4.6	M		guest

10014	2020-10-09 09:44	osi.exe 918b4df1f8d7b1e18e3e8fccdef3f5de VirusTotal Malware unpack itself Tofsee DNS crashed	2 Keyword trend analysis	1	1		3.0		37	guest

10015	2020-10-08 11:03	http://50.121.226.158/changepw... 22d27255d945c05b79bfc74eb69a77a0 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis	2	3		6.0	M	50	admin

10016	2020-10-08 10:09	http://e-money.kr/ 7d4638c3d5662dd60fcee9df0d9b75e5 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	31 Keyword trend analysis Info http://b.rmgserving.com/rmgjsc/zcFilters.js?1 http://e-money.kr/px.js?ch=1 http://usa.claudia-luc.com/zcvisitor/589a64bc-0902-11eb-86af-0aa13ab7a395?campaignid=082dbb60-c1ce-11ea-88e6-0a06ea97c507 http:///aS/feedclick?s=Ilxxar-4JDjHYSZnQRV0rUoLXZk8gkPQsSjqVHDOpXKt3Q5wgRfqufs5fHRXPDoQY_iD5bFykKi_84eTTfdYjvJhYB0lhN02w7bvw4bnd-VjhqNMiHJ9fai-4dt4G6B0hQ0O0I9iZDweaVYoZmXEVRx2SSF2407t6fiA7_-LQZyft_H8it74-MCSkp68JrQ5kQiFGbsH4KIaErBWzlaW_MO8KmEjE3lCpNiSF15W_V7SUHgp2EbYUXv-BEgjbgjmkJv6Zqf22z24Nl70bRlTg9pYsL10OFCvIGFtwg0rXatySHfdF8Ma1khyFWvk52zyKIXSLIdZ7HmgngA9SL4TWj_LFKaQfdCIVYx2X8on_ZxYsVcZjpavJHkTi8lKZLSFZ3WnptWoEGfiYqdNQvLa1zYaJ_flDSUFZ8QWW7j6bn4-5zQAw_SMiBNyfJB76_soJBDnmy9KcrrukHRdpN_Ky8b09gJfW0ZvZFMqPcFWV_1VbRWxQXVc1AgbEayT77cmeBYM8WxJqThPSMz6AXLSWsIzIWDhCyPFQv1jnWu5jDoD-RtqD0DhJx881oqN8FHp9zvvrB2YFlgKX3CMvJEOMMNLM_aBO0od_5G12CrcSxwdVheP618whVXoFzZwClqnBwbpMBt722_9MnwxkvCKPybQAHvNFc8Z3Ab3Vs1F_CDc6AzY3U8-3MMEjlRQOdHrYQe2Ve6QWpx-fowfT0ljP0o1Z3tvae2vJTu6AXYz7K5xQ2OBY6HRrcMEjlRQOdHrYQe2Ve6QWpykVYgezfQi84VSvZDL2LJTH3F3jCkW0WtD_DEBkoG6S2_kDY12OmKsBcHnW2pP37JPd3WLs0oh_dRNVZ-ACrlVJcOjNy0cM1P7eTT2i8z6r-wdPNEnP4nG3X9jCxMVLrs http://e-money.kr/?ga=JJCURHLA7qw%2B05rh%2Bx0uDALoxqdTCVF2r%2FmNxY3H3mQim55Yq7Fkqg%2BDMEcM2R8crZYe1SUsSC3dwd2hofxKvGqNeq5F4tx%2BdLuVgokX7KG%2F5ouqW%2F8sQVvzrI8ffybkVwAyTKyeyIaL%2BoLilX%2FXUf2Bo9YRpSljzbLgOaFv%2Fq8%3D&gerf=S5EtlxgEAAlD44ULHvzHaeBvc5wIobe%2FwdGCf3By8kM%3D&guro=%2B7XX1JeT64uhJWLzEHmespziJO7yLR5kkMAMjev8SS4opaHIlKuYDRtVqWS%2BPR3L& http://usa.claudia-luc.com/zcredirect?visitid=589a64bc-0902-11eb-86af-0aa13ab7a395&type=js&browserWidth=1365&browserHeight=899&iframeDetected=false http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://e-money.kr/px.js?ch=2 http://e-money.kr/ http://ww1.trhzc.com/adclk?&gm=Vru8h4hi67vqeS5uDRGWDnap1lY7tr2%2FFlpHY09LFXJM0YaafEab6DuUu3hutciFPDRG8S19n9gZzmXB32N1DhCV%2F4pJJT9WEEIEsPdh9ySs4HtuyV5yh9wBV0HwGclEuPsBN%2BXoYnhTmNRTh9h9VIYW0Nz7aROWZ9iL9wNOMjnH0GLUxG4pfAzCoPeJnOFcvOmHx1kB0CvIVqdSEFNkP52c%2F8qd7UyGb%2FsLAtBSNjKziS1A8prAjTzAn3v5FUX0GIYMarlph%2BKsoR8BAv5rpRw7cuWr0K9zTwxjoADhkbR0ZXdAyIx%2BNGcNWrfhmpStLreEDKmj2HvLnMDxWgxXdmKyam2NvUSvsTGKXizkygbnLKWgFEiLdOQjJ3pLfDHsrhGvmai9%2FiipXycK6ynCCBTC0h3t9rsFH9D1pkF4pItQlLokbIZtli0UpTp2VYSVJqbXA1aQ%2FPm6Y6ObmhtaTLkw53CvJGdAJOm0T0mpM0jyQigi8tUnktVZmRbSZ7v8OrBTFIhA2tD6k9HR%2BsCbftrqQl%2FbkR1G61Rik3EmAXKBUQRsr283TvurP3ZUD6KbrSlv%2Fa3sWBq1txkld6WsPV08i2gKmENHURqGpqc2YdaevkHxBlamzB2WTZqIEx81pBLU5uEisFr2f%2FLenjM7uHlgTyrQaAMi1jRhMjQcm9kjHwvZmCav1iOdexDLr9e7UjnnGkggLxvA1kdkeB0qgl%2B3VInHxySINW%2Fd3twL%2B0MyiBbBFSVEc4XS3b6E2sHtX%2Bu8p2N2GIiVo9revwvRWslzlWLC5lIBFnm%2BVu7zEXGI824PA24b1qUC8di2TVrTokG7geW5aPgjVDSaUeAinjtV9u%2F934%2FLqo3rCr1PcSVmHG%2BYkLj5irj6kLAu3160fNOyIxOHycnDqZfd90xBVukT81ijsSrIOl2axNTVzyR0%2B7UyrnQujmxGWpZYbHkjIsBrixaIb78jXiR3v22V%2FcgZaQdQZkbLPLcSPomgsil4l0Fpp%2FQm5H3kY1v%2FkuH1QJtOsn%2Fb0aCpte3tYAYV2yJ1bboKxcpGQ2T8qALK6LuBfWjsUNhDtwytNjQVoQMbhlfjqoQVteu1A5OUT7XJ63D3L3pA82RI6JWUyD6JB20eKGNh75xDN%2BmrR6EkKDc0cnXiQGFZntUdCCXDKlDY12noOlO4ydPnnYkU2D3zD7ofBV%2FKtJfeBh2Dlj9S8B0c3GK4IgjNEw6cQwq09TceqcFl8gLgFimRqAMdfPOTmWw%3D&gc=11193496647250322798711&gi=%2FiZuu3AYALKPdk%2BjumQpi8Vjo6xMauokTWEMnfl57zKBrxGJsifdsE8SyVMkDFC4Nbk0oQ5Gr%2FR2aJpYBKEn5OlRwlLZhcbJj1PjqUfe%2FdAAKmf5fpfkUoiipMjehlyAj2xn62Ln2O7R4xdXuv%2Fc%2BPXiYXyF6AKMSKzfcpQ4PJtm8ELUN8tBUOHAZsrEgypSLpFxIOoX%2BpNKuSH1USEgTHr2j1NbFLPrIYvwhWend4UB5QxvxvkeTXiVvCxQzOVOxtUkAiWa5G5LBS%2FiY%2FUVZtynG4ko2iK0LpLohRobVO7raRTI%2B7ZoGfRoh190%2Bz7BkygGBcKwkCH%2BkQZzvh0XSrLZhmvCCd6UFnEP9haC%2Bvxgxk9mY16DvflnPpwGT93JU6b6xQs9QRv2S%2Buz2Qf5dMhR%2FhZF%2BTUfHJZDx55nJe3Wl6gHy7TqiMoIMtTw%2FHjT6PuFfEW4JyQRdKYQTqeeclaMda5jllTrLoq9%2BtEa2TsaJFa2%2BaZqXKv%2B13%2Fkmxm51D%2BRoSE%2Bu92iZpJuNU5VhdbvCzb5%2BLLQP3XCXb0absor1qJwI1zkazfdpvYCn2gu8bhWfU1d8CrWdPRmF3ZfWSZ24zyTWZO9Yu5kz8v%2B2iI%3D&kgp=0&jccheck=1&jccheck=1 https://www.lovefiestaonline.club/?pazer&source=ochre-snail https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/css/style.animated.css https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/fiesta-logo.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/css/reg.min.css https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/fiesta-forest-background-mask.png https://assets.landingpages.gamigo.com/RegAPI/validation/jquery.validationEngine-en-c.min.js https://assets.landingpages.gamigo.com/RegAPI/emailonly1.1.4.2.min.js?t=1535120453 https://assets.landingpages.gamigo.com/legal/meWantCookies1.8.js https://assets.landingpages.gamigo.com/RegAPI/images/gamigo-icons.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/oh-dini-en.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/regbox_ranken.png https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/bullet.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/button.png https://assets.landingpages.gamigo.com/assets/fiesta/vid_fiestagf/images/reg_button.png https://fonts.googleapis.com/css?family=Cinzel+Decorative:900%7CCinzel:900%7CLato:400,700&subset=latin https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wWA.woff https://fonts.gstatic.com/s/cinzeldecorative/v9/daaHSScvJGqLYhG8nNt8KPPswUAPniZQa9lESTc.woff https://fonts.gstatic.com/s/cinzel/v10/8vIU7ww63mVu7gtR-kwKxNvkNOjw-n_gfY3lCw.woff https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPHw.woff	11	4		4.6			guest

10017	2020-10-08 09:29	don.exe 1941b425080aeb2d67a5f87c416c78dc Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger	4 Keyword trend analysis	3	1		15.8		18	guest

10018	2020-10-07 10:04	http://50.121.226.158/changepw... 22d27255d945c05b79bfc74eb69a77a0 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis	2	3		6.0		50	guest

10019	2020-10-07 09:30	v.exe 95458c35d7afba9c35a6742af517e531 Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	3	1		21.6		33	guest

10020	2020-10-07 09:20	m.exe e86dfa940e4913b73a5ce0d94df2a10a Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	3	1		21.0		35	guest

First
Previous
661
662
663
664
665
666
667
668
669
670
Next
Last
Total : 10,206cnts