Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
15571	2023-03-05 00:12	http://ctp1.xyz/w2/PvqDq929BSx... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2		4.8			guest

15572	2023-03-05 00:11	http://matix.cf/panel/login.ph... AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		1	3		3.8			guest

15573	2023-03-05 00:10	http://underdog2.xyz/taker00/P... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2		4.2			guest

15574	2023-03-05 00:10	http://sspmoct.xyz/tkrr2/T2/43... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2		5.8			guest

15575	2023-03-05 00:10	http://vihaiha.com/.ccb/news/s... AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		1			3.8			guest

15576	2023-03-05 00:08	http://mexalzzy.000webhostapp.... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	12 Keyword trend analysis Info http://apps.identrust.com/roots/dstrootcax3.p7c http://mexalzzy.000webhostapp.com/xorry/login.php https://www.google-analytics.com/collect?v=1&_v=j99&a=1842984917&t=event&_s=2&dl=http%3A%2F%2Fmexalzzy.000webhostapp.com%2Fxorry%2Flogin.php&ul=ko&de=utf-8&dt=Website%20is%20no%20longer%20available%20%7C%20000webhost&sd=24-bit&sr=1365x1024&vp=1343x899&je=1&fl=13.0%20r0&ec=error-page&ea=open&el=no-longer-available&_u=IEBAAEAAAAAAACAAI~&jid=&gjid=&cid=427288051.1677906141&tid=UA-10701068-1&_gid=104440443.1677906141&z=2023011401 https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap https://cdn.000webhost.com/000webhost/000webhost-pages/corgi-with-shades.svg https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc-.woff https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxM.woff https://cdn.000webhost.com/000webhost/000webhost-pages/corgi-make-a-website.svg https://www.google-analytics.com/analytics.js https://cdn.000webhost.com/000webhost/000webhost-pages/corgi-upgrade-to-hostinger.svg https://cdn.000webhost.com/000webhost/logo/000webhost-logo-coral-pink.svg https://cdn.000webhost.com/000webhost/000webhost-pages/corgi-eating-a-cassette.svg	14 Info fonts.googleapis.com(142.250.207.106) mexalzzy.000webhostapp.com(145.14.145.41) a.optnmstr.com(129.227.9.2) www.google-analytics.com(142.250.206.206) fonts.gstatic.com(142.250.207.99) apps.identrust.com(23.216.159.9) cdn.000webhost.com(104.17.163.41) 104.17.163.41 172.217.27.10 145.14.145.241 - malware 172.217.27.14 142.250.66.99 61.111.58.35 - malware 129.227.9.2	3		4.6			guest

15577	2023-03-05 00:08	http://185.215.113.207/gb2pnjs... AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		1	1		5.4			guest

15578	2023-03-05 00:08	http://voubucleonteri.xyz/dimp... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format JPEG Format MSOffice File Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		2	2		5.8			guest

15579	2023-03-05 00:07	http://parisyoungerfashion.com... deab82e9d004d18ea5e4edb807893b97 PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File Code Injection Creates executable files exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	7 Keyword trend analysis Info http://parisyoungerfashion.com/px.js?ch=2&abp=1 http://parisyoungerfashion.com/px.js?ch=1&abp=1 http://parisyoungerfashion.com/.ok2/need/work/Panel/five/PvqDq929BSx_A_D_M1n_a.php https://img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js https://img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js https://www.google.com/adsense/domains/caf.js?abp=1 https://img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js	6	2		4.2			guest

15580	2023-03-05 00:06	http://j90618up.beget.tech/log... AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		1			3.8			guest

15581	2023-03-05 00:05	http://91.241.19.159/m7vvsw2ds... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	2		6.2			guest

15582	2023-03-05 00:05	http://cocojambo.collector-ste... PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		1	3		4.8			guest

15583	2023-03-05 00:05	http://etablebuterline.xyz/dim... AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		1	2		3.8			guest

15584	2023-03-05 00:05	http://parisyoungerfashion.com... deab82e9d004d18ea5e4edb807893b97 AntiDebug AntiVM MSOffice File Code Injection Creates executable files exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	7 Keyword trend analysis Info http://parisyoungerfashion.com/px.js?ch=2&abp=1 http://parisyoungerfashion.com/.ok/need/work/Panel/five/PvqDq929BSx_A_D_M1n_a.php http://parisyoungerfashion.com/px.js?ch=1&abp=1 https://img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js https://img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js https://www.google.com/adsense/domains/caf.js?abp=1 https://img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js	6	2		3.8			guest

15585	2023-03-05 00:04	http://destrong.xyz/des/panel/... AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed		2			4.8			guest