Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
10111	2020-07-21 09:49	https://class.britishonline.co... dcf7add878e1e15a80ae49a24f193a33 Dridex VirusTotal Malware Code Injection Malicious Traffic unpack itself Windows utilities malicious URLs Tofsee Windows DNS	2 Keyword trend analysis Info https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:805381821&cup2hreq=dfb3cffb99639d08f359b20dd1b8622d9c97bd65e0f4596baa0061204c71a66b	3	3		4.6

10112	2020-07-21 09:45	http://88.218.16.20/ztYQWLnqiK... 4af9079a6228f2857a84e35b098d6bdd VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	2	4		5.0

10113	2020-07-21 09:31	index5.doc 9c1b5cf8aae29751888a2f28145cd7d2 Emotet Malware download Vulnerability VirusTotal Malware Report Malicious Traffic unpack itself Tofsee DNS	4 Keyword trend analysis Info http://181.30.69.50/XI3QJeAYegYAnbzJ/zhidbBahLdlWXCq8/SuGNza369IBOd/9rtPtJJ/7jlDSDI8Roxt/ https://metolegal.com/wp-admin/yLig71/ https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:2239657492&cup2hreq=9267cfdcf2b10f3a7ad93b14dfb454b4a62c13c250f23cbae8cd3f1c4aab71a8	4	3		4.2		19

10114	2020-07-21 09:17	index3.doc a738c10344822c4368d7bc1f088a0221 Vulnerability Malware Malicious Traffic unpack itself Tofsee Windows DNS	4 Keyword trend analysis Info http://chundubio.com/wkdn/cwwb/ http://124.45.106.173:443/8pajLRHY/ https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:3411936393&cup2hreq=43bebfe92b2be2b06049145b360b1fa9b830d808693b08a2e8660eec6cfc2363	5	5		3.6

10115	2020-07-21 09:15	popopo.png 70a2ed9f2ca011da8aca485e966ec973 VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	4 Keyword trend analysis Info http://api.ipify.org/ http://ip-api.com/json/ https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:763652607&cup2hreq=f27afa7e7872d311f3a36ceda504c930a64812564d93fe56791a21437a6172ca	6	5		15.2	M	28

10116	2020-07-21 09:14	index.doc c703b02e832e614300d89d6ca20ec066 Vulnerability VirusTotal Malware Malicious Traffic unpack itself Tofsee DNS	1 Keyword trend analysis	5	1		3.8		17

10117	2020-07-20 23:40	https://aliyousefpoor.com/wp-a... 51fe38a980f41111074aabdde5ee5124 VirusTotal Malware Tofsee Windows DNS	2 Keyword trend analysis Info http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://redirector.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595255778&mv=m&mvi=4&pl=18&shardbypass=yes	4	3		1.6	M

10118	2020-07-20 23:34	https://aliyousefpoor.com/wp-a... 51fe38a980f41111074aabdde5ee5124 Dridex VirusTotal Malware Malicious Traffic Tofsee DNS	2 Keyword trend analysis Info https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:3931948972&cup2hreq=5e123fa38a5f0fca8a382a6654ad73525f2788155898562efb0ab9ca0c7b4925	4	3		2.4	M

10119	2020-07-20 23:31	http://124.160.126.238/11.exe 5d2e9716be941d7c77c05947390de736 Malware download VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis Info http://www.362com.com/Update.txt http://www.362com.com/32.exe http://124.160.126.238/11.exe https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	4	7 Info ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01 ET INFO Executable Download from dotted-quad Host ET POLICY PE EXE or DLL Windows file download HTTP ET MALWARE JS/Nemucod.M.gen downloading EXE payload ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Cryptocurrency Miner Checkin		10.8	M	57

10120	2020-07-20 22:10	http://salesforce-ibmcloud.koz... 4a3b3aa0b72d467be7321ceac9d3db92 VirusTotal Malware AutoRuns Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed	3 Keyword trend analysis Info http://salesforce-ibmcloud.kozow.com/dinb/iqbtcvforWiTEi.exe https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:3879736586&cup2hreq=38573e2bd8d307473452a19c05fd112561639335a4451f1528f0199d3aadc08c	5	2		12.4		15

10121	2020-07-20 22:08	http://salesforce-ibmcloud.koz... a4195bdf6d0f782598f69bc40c4d7e50 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Tofsee Windows Exploit Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	6 Keyword trend analysis Info http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://redirector.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://salesforce-ibmcloud.kozow.com/dinb/n5ZfororigTi07nAdmv.exe http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes http://r4---sn-3u-bh2lk.gvt1.com/edgedl/release2/chrome/AIVpFp8WHZ7NkXF3-7GiVZ8_84.0.4147.89/84.0.4147.89_83.0.4103.116_chrome_updater.exe?cms_redirect=yes&mh=1m&mip=175.208.134.150&mm=28&mn=sn-3u-bh2lk&ms=nvh&mt=1595250319&mv=m&mvi=4&pl=18&shardbypass=yes https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201 https://update.googleapis.com/service/update2?cup2key=10:2226628205&cup2hreq=9fa6a99178756f39930792169a297a539150964df3b68b60e055338d9146cedc https://update.googleapis.com/service/update2	5	3		17.0	M	22

10122	2020-07-20 18:31	https://robotica.cl/w3ZunC4T3N... 6186934d6ebcbd2761413698113233cf Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	6	3		4.6

10123	2020-07-20 17:46	https://robotica.cl/w3ZunC4T3N... 6186934d6ebcbd2761413698113233cf Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	6	3		4.6

10124	2020-07-20 17:45	https://www.gomlab.com/downloa... 04a1b261477eff216d800437c6d613fd Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	30 Keyword trend analysis Info http://www.gomlab.com/browser.gom http://www.gomlab.com/gomlab_v2/ui/img/common/ico_foot_blog.png?v=1912302 http://www.gomlab.com/gomlab_v2/ui/img/grm/ico_grm.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/common/ico_browser1.png http://www.gomlab.com/gomlab_v2/ui/img/common/ico_s_iapp.png?v=1912302 http://www.gomlab.com/gomlab_v2/ui/img/gcm/ico_gcm.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/common/ico_notiinfo.gif?v=1912302 http://www.gomlab.com/gomlab_v2/ui/img/common/logo_footer.png?v=1912302 http://www.gomlab.com/gomlab_v2/ui/img/gmx/ico_gmx_pro.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/gen/ico_gen.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/common/ico_foot_face.png?v=1912302 http://www.gomlab.com/ http://www.gomlab.com/gomlab_v2/ui/img/gmm/ico_gmm.png?v=2 http://www.gomlab.com/browser.gom http://www.gomlab.com/gomlab_v2/ui/img/common/ico_s_win.png?v=1912302 http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.gomlab.com/gomlab_v2/ui/css/browser_info.css?version=2020071601 http://www.gomlab.com/gomlab_v2/ui/img/gmp/ico_gmp.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/gsv/ico_gsv.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/gmx/ico_gmx.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/common/ico_s_gplay.png?v=1912302 http://www.gomlab.com/favicon.ico http://www.gomlab.com/gomlab_v2/ui/img/sub/bar_ddd.gif?v=1912302 http://www.gomlab.com/gomlab_v2/ui/img/common/logo_on2.png?v=1912302 http://www.gomlab.com/gomlab_v2/ui/img/grc/ico_grc.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/gau/ico_gau.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/common/ico_browser2.png http://www.gomlab.com/gomlab_v2/ui/img/gst/ico_gst.png?v=2 http://www.gomlab.com/gomlab_v2/ui/img/common/bu_dot1.gif?v=1912302 https://www.gomlab.com/download/ https://www.gomlab.com/index.gom	6	3		4.2

10125	2020-07-20 16:59	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files ICMP traffic exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Tofsee Ransomware Interception Windows Exploit Browser ComputerName DNS crashed	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update?v=5.8&ID=C98AD6B966C4434590BFF7F79F6A16E5&lang=en-US http://client.winamp.com/update?v=5.8&ID=C98AD6B966C4434590BFF7F79F6A16E5&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://client.winamp.com/update/client_session.php?v=5.8&ID=C98AD6B966C4434590BFF7F79F6A16E5&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update/latest-version.php?v=5.8&ID=C98AD6B966C4434590BFF7F79F6A16E5&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	9	2		14.4

First
Previous
671
672
673
674
675
676
677
678
679
Last
Total : 10,173cnts