Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
2461	2020-10-30 14:54	http://eventlarva.com/7/forum.... VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Windows	1 Keyword trend analysis	2			3.0	M		admin

2462	2020-10-30 15:05	http://eventlarva.com/7/forum.... Code Injection RWX flags setting unpack itself Windows utilities Windows	1 Keyword trend analysis	2			2.6			admin

2463	2020-10-30 15:06	http://eventlarva.com/7/forum.... VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Windows	1 Keyword trend analysis	2			3.0	M		admin

2464	2020-10-30 15:09	http://www.easeiseasy.com/wp-a... 9e62ac4a199acb4a580ad38fe4f6e405 VirusTotal Malware AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Advertising ComputerName DNS Cryptographic key	2 Keyword trend analysis	3	2		11.8	M		admin

2465	2020-10-30 16:11	nmode.exe e4dcfb88beaaece0aef84c81b9b6091a VirusTotal Malware unpack itself Remote Code Execution					2.4		39	admin

2466	2020-10-30 16:14	DL-13335.jpg.exe 110cfaeff8c4f45dddbe061750084a32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					13.2		20	admin

2467	2020-10-30 16:19	http://uxnew.com/old/89i/ df2f73942120a6d530a6eff7796d41ba VirusTotal Malware AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	6	2		14.0	M		admin

2468	2020-10-30 16:19	재판기록 열람복사 신청서.hwp 0b7d1b42a30f4aa4060a1f8dc4cc8f83 Checks debugger Creates shortcut Creates executable files unpack itself malicious URLs					2.2			admin

2469	2020-10-30 16:24	DL-13335.jpg.exe 110cfaeff8c4f45dddbe061750084a32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Windows ComputerName Cryptographic key crashed					12.0	M	20	admin

2470	2020-10-30 17:01	http://legalempowermentindia.c... b6581a528bf2bb5b7abac91ac8a0a6f3 VirusTotal Malware AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed	2 Keyword trend analysis	6	2		14.6	M	32	admin

2471	2020-10-30 18:18	H1ZZIwcmmLvZZEwj.exe ea9881ed00071a29a1138d1cb5f96f92 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	2			6.4	M	9	admin

2472	2020-10-30 18:19	https://manweikeji.com/wp-cont... 18933749e6ba858f74cfae5a1a480d14 Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		3	3		4.6			admin

2473	2020-10-30 18:22	http://shivakunwar.com.np/swif... 509bad3e7b3d5770ff5a7d173c65010e VirusTotal Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	3 Keyword trend analysis	9 Info pipesplumbingltd.com(35.208.159.220) - mailcious annabphotography.co.uk(35.214.15.47) - mailcious shivakunwar.com.np(72.29.65.177) - mailcious 35.208.159.220 - suspicious 35.214.15.47 - suspicious 72.29.65.177 - suspicious 173.173.254.105 - suspicious 102.182.145.130 - suspicious 117.18.232.200 - suspicious	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Terse Named Filename EXE Download - Possibly Hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP		8.6	M		admin

2474	2020-10-30 18:24	Arc_SV7257602192KT.doc 410eee98c357147776c0e926c6336db2 Vulnerability Malware Malicious Traffic unpack itself malicious URLs Tofsee Windows DNS	2 Keyword trend analysis	6	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Terse Named Filename EXE Download - Possibly Hostile ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP		5.4	M		admin

2475	2020-10-30 21:21	DL-13306.jpg.exe c2491d6299805883f79bdd9b4fc3d8ea VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Windows ComputerName Cryptographic key crashed					12.0		22	admin

First
Previous
161
162
163
164
165
166
167
168
169
170
Next
Last
Total : 48,289cnts