Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
2101	2020-10-16 07:54	http://musc.health/wp-content/... 0b9c2b29a3236158d4f2cc31360d5d6c VirusTotal Malware Report AutoRuns Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed	3 Keyword trend analysis	6	3		13.0			guest

2102	2020-10-16 10:02	aaa.exe 6f076a92c41e53b1dd2be0c3634f6a76 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName crashed					10.8		41	guest

2103	2020-10-16 10:04	loki.exe 703eb859df4786c7d28b30fc2f3e4880 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1			10.4		19	guest

2104	2020-10-16 10:06	bob.exe 3aff71a139f4a5201d81b00a4a1d17c4 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger	2 Keyword trend analysis	2	1		13.6		27	guest

2105	2020-10-16 10:07	AKUJJ.exe 30321b84684bca606a94a1fc1a7bceb3 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.2		5	guest

2106	2020-10-16 15:26	c5xfte.dll 29b3fb0c606603e980e207f9739eb36b VirusTotal Malware PDB unpack itself crashed					2.8		42	guest

2107	2020-10-16 15:49	loki.exe 703eb859df4786c7d28b30fc2f3e4880 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1			10.4	M	19	guest

2108	2020-10-16 15:51	loki.exe 703eb859df4786c7d28b30fc2f3e4880 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1			10.4	M	19	guest

2109	2020-10-16 16:00	default.bak 6ba233d220cc58e7b467754039413948 Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName					3.8			guest

2110	2020-10-16 16:45	AKUJJ.exe 30321b84684bca606a94a1fc1a7bceb3 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.2	M	4	guest

2111	2020-10-16 18:08	bBA0mMhqacDQ55b.exe f2769dca375d549623a671049200f07d VirusTotal Malware Report PDB RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	4	1		6.8		14	guest

2112	2020-10-16 18:49	InKY0ujCqKHXZp1.exe 5e5dee7718bb44b682b9b36851ba3292 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName Trojan DNS Software	1 Keyword trend analysis	1	10 Info ET INFO DNS Query for Suspicious .ga Domain ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		13.0		34	guest

2113	2020-10-16 19:08	Yz3bqgXVP7uzS.exe 681c2d0bf87234946735a09f4e1d9d87 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			6.4	M	17	guest

2114	2020-10-16 19:18	MaQ.exe 441ca675e13c108f60770ffae503373a Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			6.8			guest

2115	2020-10-16 19:57	http://p4uclasses.com/wp-conte... c50585be1cd654bacfb15679146c7394 VirusTotal Malware Report AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	4	3		13.8			guest

First
Previous
141
142
143
144
145
146
147
148
149
150
Next
Last
Total : 48,243cnts