Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
2911	2020-11-12 18:06	cash.exe 1d7b9d853d71cc41bf2e401070a8efb5 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs ComputerName					3.0	M	21	SFPark

2912	2020-11-12 18:11	lm.exe 7963405aa32d8133136158a9797e05c4 AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution		2			7.0			SFPark

2913	2020-11-12 18:13	frankf.exe 15020601e34aba5ba33327768bfea90f VirusTotal Malware Check memory Checks debugger unpack itself DNS crashed		1			3.2	M	20	SFPark

2914	2020-11-12 18:16	koba.exe 9353d01ebee0c3e51ab99756ed0d5858 VirusTotal Malware AutoRuns PDB MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName Remote Code Execution	1 Keyword trend analysis	4	1		10.4		38	SFPark

2915	2020-11-12 18:17	beacon.exe 860cdd118f68793a680ad4d22c43619a VirusTotal Malware Code Injection buffers extracted RWX flags setting Windows utilities suspicious process malicious URLs Tofsee Windows ComputerName DNS	3 Keyword trend analysis Info https://eiphaem9aifuR1udaizu.badedsho.space/image/g9jVGMB1mhQ_ja7zd9fRX1zKOnP9VDbG0-zR1vJAm_Vq02GUsZyVJZe3PZZtJVD0tbKZk48vUpzd9zqjPQs4ncbHt6qh2acVPlgMgv2g8JMCrZVG5OSsg9XJcrsPnsUEIXjwI9Ym4zp7Hd9vB02rLoDtNFUOqcL6oDHTRzOtL5HOnWLM/kitten.gif https://oow8Phokeing6kai5haH.glowtrow.online/gifs/mQ5zu9qjPLclWwhQbQF3_EYcnNDngpBlyTp3deiWPVZwBcc3q0ozho1hmzV38_ZXr2Q_MJX59D_HIZwAJ92ePtwREQm7DwG2JI6qIed2VjAYezPl_jIKIM8f1BgVSGOnO65WgMzwRZlhy3nMHZsNjZo7kvYUf2RZuud15Cl7iTLUS8Rv/kitten.gif https://ooLiey0phuoghei2cei7.cleans.online/gifs/gFoakMP3VZw8D2F7dFUe119I9fv-1vlO0G4eXvHCVH1pUa4csh5arZQ18h5up598tjBWG4ytnRTedfUrPon3FcVFeCKiW2idPdrDCv4iPxsBL1rO52ZjC9ZLvTMMHAqMIvo_q9WkLLJ4nxDnBM9kpoNv-90NKw1yo7MczzAv4BnNH61E/kitten.gif	7	1		7.6	M	20	SFPark

2916	2020-11-12 18:21	3.dll 4f807ffbf0704b3aaf708a1aef892dfd VirusTotal Malware PDB					1.2	M	15	SFPark

2917	2020-11-12 18:23	372463.png.exe c2bf80228e601b565e634140b189f213 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					8.6			SFPark

2918	2020-11-12 20:00	http://45.141.84.182/beacon.ex... 860cdd118f68793a680ad4d22c43619a Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed		2	7 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO Executable Download from dotted-quad Host ET INFO Packed Executable Download ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex		7.2	M	27	guest

2919	2020-11-13 10:00	axcypr.exe 944d8991324c722fc1495d8f3dda1313 VirusTotal Malware PDB unpack itself malicious URLs ComputerName DNS		1			3.2	M	19	SFPark

2920	2020-11-13 10:02	4574557.png.exe f44796a03f64ec015e6dbc497fb460d0 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					9.0			SFPark

2921	2020-11-13 10:11	4574557.png.exe f44796a03f64ec015e6dbc497fb460d0 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					9.0			admin

2922	2020-11-13 10:18	4574557.png.exe f44796a03f64ec015e6dbc497fb460d0 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					9.0			admin

2923	2020-11-13 10:31	4574557.png.exe f44796a03f64ec015e6dbc497fb460d0 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					9.0			admin

2924	2020-11-13 10:33	4574557.png.exe f44796a03f64ec015e6dbc497fb460d0 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName DNS crashed		1			9.6			admin

2925	2020-11-13 10:35	axcypr.exe 944d8991324c722fc1495d8f3dda1313 VirusTotal Malware PDB unpack itself malicious URLs ComputerName					2.6	M	19	admin

First
Previous
191
192
193
194
195
196
197
198
199
200
Next
Last
Total : 48,317cnts