Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3031	2020-11-14 19:12	604100.jpg.exe 8a29f0972b9d24e24ed30c0f3bbdeab4 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					13.0	M	25	guest

3032	2020-11-14 19:16	vbc.exe 4b2f03238d5a3803519696a8f151d061 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Software		2			13.2	M	24	guest

3033	2020-11-14 23:17	vbc.exe 4b2f03238d5a3803519696a8f151d061 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Software		2			13.2	M	24	admin

3034	2020-11-14 23:20	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3035	2020-11-15 00:49	604100.jpg.exe 8a29f0972b9d24e24ed30c0f3bbdeab4 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs Windows ComputerName DNS Cryptographic key crashed		1			12.4	M	25	admin

3036	2020-11-15 09:48	IntelHAXM.exe 730113ba879c7bee746edb199f9403b7 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs					2.8		50	guest

3037	2020-11-15 10:00	DTLEP.exe e8d11537236c3439c2c8dda29dfc9a48 VirusTotal Malware AutoRuns Check memory unpack itself Windows Remote Code Execution crashed keylogger					4.6	M	19	guest

3038	2020-11-15 12:58	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

3039	2020-11-15 17:38	crss.exe d8bb039f1f1d49caee5018e499583342 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					10.0	M	20	guest

3040	2020-11-15 17:47	crss.exe d8bb039f1f1d49caee5018e499583342 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					8.2	M	20	admin

3041	2020-11-15 19:58	http://143.92.57.83:8080/o.bat 06d6852d600ec97cef029357ef06c949 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed		2	6 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP		6.4	M	27	guest

3042	2020-11-15 21:35	lm.exe 2fb76b187bffd19e03ef8a9a75af7966 VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution		2			7.0		6	admin

3043	2020-11-15 21:43	lm.exe 2fb76b187bffd19e03ef8a9a75af7966 VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution DNS		3			7.6	M	6	admin

3044	2020-11-15 21:45	rover.exe 0ddc29dca8aa48dda5519a00663a9d7e unpack itself Remote Code Execution					1.4			admin

3045	2020-11-16 07:50	rover.exe 0ddc29dca8aa48dda5519a00663a9d7e VirusTotal Malware unpack itself Remote Code Execution					2.2	M	22	admin

First
Previous
201
202
203
204
205
206
207
208
209
210
Next
Last
Total : 48,320cnts