Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1726	2020-09-15 09:49	snIARqs7Vdv.exe 9f2287414784f5d13e35e2f4e84ac965 VirusTotal Malware Report Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1	1		5.6	M	9	guest

1727	2020-09-15 10:08	vbc.exe b409ac3b40d3d2203663c0f5f2c58ccf Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows Browser Email ComputerName Cryptographic key crashed					13.2	M	26	guest

1728	2020-09-15 10:20	NebVJPzJCCZJannXGY1k.exe 9f2287414784f5d13e35e2f4e84ac965 VirusTotal Malware Report Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2	1		6.6	M	8	guest

1729	2020-09-15 10:28	Wy9JDENBGQaD32Hbji.exe d808c29b4242eeba4f67f31a0669ddc5 VirusTotal Malware RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			5.6	M	6	guest

1730	2020-09-15 10:48	uzo.exe 7236b609fe63f7e878c033acc2e3786d VirusTotal Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key	1 Keyword trend analysis	1			9.8	M	28	guest

1731	2020-09-15 11:21	PO_09152020EX.doc 2cef4a6caec772e2c4c65a500acaa4eb Vulnerability VirusTotal Malware Report Malicious Traffic unpack itself Tofsee DNS	4 Keyword trend analysis	6	2		5.4		23	admin

1732	2020-09-16 07:25	http://loungegangnam.com/4W/dz... c5a3073b16a861279469aec6cb9f47f4 VirusTotal Malware AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	4	2		14.0		16	guest

1733	2020-09-16 09:10	BAL_AT8056288204IY.doc ea10272ff8945d895c22341b89d540e9 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee DNS	3 Keyword trend analysis	6	1		6.0		15	guest

1734	2020-09-16 09:13	555555555.png.exe 7e2e2f8082f61e7707e2f467e1f66d95 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					8.4			guest

1735	2020-09-16 09:36	Print_Preview.exe 06f42898d5b2303c0b455d3152ced044 VirusTotal Malware RWX flags setting unpack itself malicious URLs sandbox evasion Remote Code Execution					3.0		5	guest

1736	2020-09-16 09:39	vbc.exe 84aa72d50e9154b0507298fa900abc4a VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Tor ComputerName crashed					10.6		22	guest

1737	2020-09-16 15:13	invoice_241568.doc 44417608ef46c480abb130decadf70da LokiBot Malware download VirusTotal Malware c&c Malicious Traffic exploit crash unpack itself Windows Exploit DNS crashed	2 Keyword trend analysis	1	12 Info ET INFO DNS Query for Suspicious .ga Domain ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2		4.8		26	guest

1738	2020-09-16 15:20	http://gooddns.ir/bobbyx/bobby... Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3		5.8			guest

1739	2020-09-16 16:26	3MsaSRC.exe ebe09665b995c11759610242a1d45a8e VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			6.4		17	admin

1740	2020-09-16 16:36	winlog.exe 61c8ee9e802a17db2db3c18ad499aa7e VirusTotal Malware Check memory Creates executable files AppData folder malicious URLs					2.6	M	13	guest

First
Previous
111
112
113
114
115
116
117
118
119
120
Next
Last
Total : 48,230cnts