Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3001	2020-11-14 09:52	http://45.138.72.84/10.11nov32... VirusTotal Malware					0.6			guest

3002	2020-11-14 11:09	1NN.exe 04965d71773df3b1283ddd3f5489774a Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Malicious Traffic Check memory Checks debugger WMI RWX flags setting unpack itself Check virtual network interfaces IP Check Tofsee Windows Browser Email ComputerName Software crashed keylogger	1 Keyword trend analysis	4	2		10.0	M	55	guest

3003	2020-11-14 11:10	crss.exe c686f0172cdc0e9e4a5f8ef3eae39f08 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	3			12.2	M	24	guest

3004	2020-11-14 11:14	document.doc 4f56d3858a54bf7bb94e1c7ddc741a42 VirusTotal Malware exploit crash unpack itself malicious URLs Windows Exploit crashed Downloader	1 Keyword trend analysis	2	2		4.2	M	24	guest

3005	2020-11-14 11:15	invoice_141146.doc 450faad9143044796ab28d4d23e9d9ca LokiBot Malware download VirusTotal Malware c&c Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit Trojan DNS crashed Downloader		5	12 Info ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET INFO DNS Query for Suspicious .ga Domain ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response ET POLICY PE EXE or DLL Windows file download HTTP		5.6	M	28	guest

3006	2020-11-14 11:22	vbc.exe 796ea1c0ca9bff9ac2c428635c2ddf94 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Trojan DNS Software	1 Keyword trend analysis	2	10 Info ET INFO DNS Query for Suspicious .ga Domain ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	13.8	M	21	admin

3007	2020-11-14 11:22	mat.exe e06713074df9b1a23469267f1ac54e17 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself Windows utilities malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed		1			11.4	M	25	admin

3008	2020-11-14 11:25	zz.exe 23a0a2819f0e3626853a4b16f04785a1 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Check memory Checks debugger buffers extracted RWX flags setting unpack itself ComputerName DNS DDNS		2	1		7.8	M	53	admin

3009	2020-11-14 13:38	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3010	2020-11-14 14:02	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3011	2020-11-14 14:13	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3012	2020-11-14 14:33	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3013	2020-11-14 14:38	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3014	2020-11-14 14:58	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3015	2020-11-14 15:26	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

First
Previous
201
202
203
204
205
206
207
208
209
210
Next
Last
Total : 48,320cnts