Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1651	2020-09-06 19:45	de.exe b9ba656098c519038798ce1cfa7e63ea VirusTotal Malware unpack itself Remote Code Execution					2.2	M	24	guest

1652	2020-09-06 19:53	IrjNakRhGAot88.exe 2063a87e9cbca2707760f16b4faf6e3b VirusTotal Malware RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			6.2		28	guest

1653	2020-09-07 10:20	dat 2020_09_05 EZB229168.doc ce2a99caf1fa4bf703644c448c82b81b Vulnerability VirusTotal Malware Malicious Traffic unpack itself Windows Browser DNS	2 Keyword trend analysis	2	5 Info ET POLICY HTTP traffic on port 443 (POST) ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1 ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP		3.8		19	guest

1654	2020-09-07 11:00	LIST 20200906 19256.doc e8c455b9d0a528d8e47a5fa5c949e368 Vulnerability VirusTotal Malware Malicious Traffic unpack itself Windows Browser DNS	2 Keyword trend analysis	2	5 Info ET POLICY HTTP traffic on port 443 (POST) ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1		4.2	M	33	guest

1655	2020-09-07 11:09	zero.exe 9773d366820d76e6702c6e94492caaa6 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs human activity check Windows DNS Cryptographic key DDNS crashed		1	1		11.8		12	guest

1656	2020-09-07 11:09	UNTITLED-20200905-L15317.doc e8c455b9d0a528d8e47a5fa5c949e368 Vulnerability VirusTotal Malware Malicious Traffic unpack itself Windows Browser DNS	2 Keyword trend analysis	2	5 Info ET POLICY HTTP traffic on port 443 (POST) ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1 ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP		4.2	M	33	guest

1657	2020-09-07 11:12	invoice_124110.doc ea15e84815896ed7180041db61cb48eb Malware download VirusTotal Malware powershell Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed	1 Keyword trend analysis	1	6 Info ET INFO DYNAMIC_DNS Query to *.duckdns. Domain ET MALWARE Windows executable base64 encoded ET HUNTING EXE Base64 Encoded potential malware ET INFO PowerShell NoProfile Command Received In Powershell Stagers ET INFO PowerShell Hidden Window Command Common In Powershell Stagers M2 ET INFO PowerShell DownloadString Command Common In Powershell Stagers		5.2	M	24	guest

1658	2020-09-07 11:39	RQDN6e8PhdV.exe 75a0acb14dfedc69f85a7e7dbb597db2 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Browser Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2	1		7.4		25	guest

1659	2020-09-07 11:42	58506603.doc cfec52b8d80989c23a30a60b68b5dd45 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows Browser DNS	2 Keyword trend analysis	3	4		6.4	M	34	guest

1660	2020-09-07 15:41	Invoice.exe 01b18c1ec01a1341f043e6bb5fb4b968 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Collect installed applications AppData folder malicious URLs WriteConsoleW installed browsers check Tofsee Windows Browser DNS Software	2 Keyword trend analysis	1	1		15.8	M	30	guest

1661	2020-09-07 18:13	googlemap.exe dc4c40c4319c6503178e071707279c40 VirusTotal Malware Code Injection Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					6.8		17	guest

1662	2020-09-08 09:01	racoon.exe 74aa2a6679d3b43a88e01078eab24e1a VirusTotal Malware unpack itself Remote Code Execution					2.2		23	guest

1663	2020-09-08 10:58	cars.gif.exe 8ba63bca1ee0583b8278dbf1eb38b4e4 Remote Code Execution					0.6			guest

1664	2020-09-08 15:38	ssfisjgniwerg.pdf.exe 150f42ff16bd2ae9895532a7be6284a1 VirusTotal Malware Check memory unpack itself malicious URLs crashed					3.2	M	15	guest

1665	2020-09-08 15:39	presh.exe e740f5933346e9e3c1cd520dc40d3e39 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					8.0		17	guest

First
Previous
111
112
113
114
115
116
117
118
119
120
Next
Last
Total : 48,230cnts