Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
2176	2020-10-20 09:38	cimiK6upP4rLGAcxRW.exe 24498213b77db10d0a960eb3e41f6593 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			5.6		12	guest

2177	2020-10-20 09:41	24042E.scr.exe 43a82e52d08111ebf4b2a1a7bc2a1266 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check Browser Remote Code Execution crashed		1			12.0		37	guest

2178	2020-10-20 09:45	24042E.scr.exe 43a82e52d08111ebf4b2a1a7bc2a1266 VirusTotal Malware Buffer PE PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check Remote Code Execution crashed	2 Keyword trend analysis	5			12.4		37	admin

2179	2020-10-20 09:53	cimiK6upP4rLGAcxRW.exe 24498213b77db10d0a960eb3e41f6593 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			6.4		12	admin

2180	2020-10-20 09:56	BubbleBrowserMaintenance.exe e07e6c29f3df2ab9dc02e9bf41facfa0 VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Detects VirtualBox AppData folder malicious URLs IP Check human activity check Tofsee Windows	6 Keyword trend analysis Info http://thecryptocenter.xyz/BubbleBrowser.exe http://thecryptocenter.xyz/BubbleBrowser.exe http://ipinfo.io/country http://ipinfo.io/ip https://ipinfo.io/country https://ipqualityscore.com/api/json/ip/gp65l99h87k3l1g0owh8fr8v99dme/175.208.134.150 https://script.google.com/macros/s/AKfycbyeDUociDSMjODhy_ZapM5zzyoJ3zrch9n5IUJeKIM3UQOEtZs/exec?ip=175.208.134.150&loc=KR&app=BubbleBrowserMaintenance&payoutcents=0.40&ver=5.2	9	5 Info ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io) SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Possible External IP Lookup ipinfo.io ET POLICY Possible External IP Lookup SSL Cert Observed (ipinfo.io) ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016		7.8	M	44	admin

2181	2020-10-20 09:57	3415201.png.exe d9b41eaf18125c5cbec11f9c85bb1860 unpack itself malicious URLs WriteConsoleW ComputerName		1			1.8			admin

2182	2020-10-20 10:10	OrcusRAT.exe ec5949944c365fa50c40831db3f54aff VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger Creates executable files ICMP traffic unpack itself suspicious process AppData folder malicious URLs anti-virtualization Windows ComputerName DNS Cryptographic key crashed keylogger		2			12.2	M	48	admin

2183	2020-10-20 10:10	R_17104511.doc 257b978c9d35f68343844343a104be30 Vulnerability VirusTotal Malware unpack itself malicious URLs		1			3.4	M	27	admin

2184	2020-10-20 10:13	3415201.png.exe d9b41eaf18125c5cbec11f9c85bb1860 malicious URLs WriteConsoleW ComputerName		1			1.4			admin

2185	2020-10-20 10:17	3415201_2.png.exe 9cc0503f7009fef60d1cae4c65e445da unpack itself malicious URLs WriteConsoleW ComputerName		1			1.8			admin

2186	2020-10-20 10:22	3415201_2.png.exe 9cc0503f7009fef60d1cae4c65e445da unpack itself malicious URLs WriteConsoleW ComputerName		1			1.8			admin

2187	2020-10-20 10:31	yPduPL3mChzZdZTzd.exe 21c9224e5a0f14928611fa7fc486904e Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			5.8			admin

2188	2020-10-20 10:39	6E9zisbO9sC0owFOL.exe f8799dca3986c7ce5a501d6c93f546d0 Malware PDB Malicious Traffic ICMP traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	4			8.8			admin

2189	2020-10-20 10:44	fUV0qtOHs8f1V.exe 1899797eec0cff367f4c2b7974dae71d Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			5.8			admin

2190	2020-10-20 10:52	code2.exe 311c9ea82eab47a483642621357e6721 Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key crashed		1			8.6	M	21	admin

First
Previous
141
142
143
144
145
146
147
148
149
150
Next
Last
Total : 48,258cnts