Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
2056	2020-10-14 09:11	ac.exe bd994fb4216a7ba7d6baf94d489e7fc1 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key		1			12.2		21	guest

2057	2020-10-14 09:11	rc.exe 594e5c8c28579857cead33db64e2cb5d Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs Tofsee Interception Windows DNS	1 Keyword trend analysis	3	1		12.4		36	guest

2058	2020-10-14 09:23	ds2.exe 08156bf26f6f10ceb1d7525c483935e2 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key					10.8	M	22	guest

2059	2020-10-14 09:25	File.exe 4bfa9cefa15eac5ca5cded94aa2c5e1b VirusTotal Malware unpack itself Remote Code Execution					2.2	M	20	guest

2060	2020-10-14 09:29	906137.exe 77875aea4abff95d4a7c189676b6658d VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					13.2	M	23	guest

2061	2020-10-14 09:30	ds2.exe 08156bf26f6f10ceb1d7525c483935e2 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key					10.8	M	22	admin

2062	2020-10-14 09:30	keys.exe d15cc83dd857e9652c5a2ac775590c93 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1	1		6.4		19	admin

2063	2020-10-14 09:31	y6oL1Ab2f7Cg.exe deb41d4b2b96f2625ceb3767735d36a6 ENERGETIC BEAR VirusTotal Malware Report PDB RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		6	4		7.0	M	56	admin

2064	2020-10-14 09:40	40147.exe 96d47df84fe322875b17d2c824b314c9 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c Buffer PE PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Browser Email ComputerName Remote Code Execution DNS Software crashed	1 Keyword trend analysis	1	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		17.4	M	32	admin

2065	2020-10-14 09:40	65605527.scr d32ce296fea15a65636be94ca127c093 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					13.0	M	16	admin

2066	2020-10-14 09:40	vbc.exe 2a715d95f644566223d8fce95f18dbdc VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName crashed					10.6	M	19	admin

2067	2020-10-14 09:59	Report10-13.exe e94a676012fde240328e1ecc967c190b VirusTotal Malware Remote Code Execution					1.2		14	admin

2068	2020-10-14 10:00	22S0D255S4D111D22S1D4.msi c07d74b3537c91723b2959cd0d0b3c85 Dridex VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs AntiVM_Disk VM Disk Size Check Tofsee ComputerName DNS		1	3		4.2		17	admin

2069	2020-10-14 10:01	https://centraldispatchinc.com... Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3		4.2			admin

2070	2020-10-14 10:03	530340.png.exe 1fdca70b720797177709d275fbe68cc0 Remote Code Execution					0.4			admin

First
Previous
131
132
133
134
135
136
137
138
139
140
Next
Last
Total : 48,231cnts