Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3226	2020-11-22 14:34	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS					8.6	M	43	ZeroCERT

3227	2020-11-22 14:35	POT.exe 51665d04b5fc3289e64ebb819e29e798 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed					4.0	M	22	ZeroCERT

3228	2020-11-22 14:44	stub.exe 0e246d7813b9ea04cac28802062a3ddd Browser Info Stealer Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Stealer Browser	3 Keyword trend analysis	4	2	1	5.2	M	52	ZeroCERT

3229	2020-11-22 14:46	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows	2 Keyword trend analysis	4			10.0	M	43	ZeroCERT

3230	2020-11-22 14:52	vbc2.exe 3d549885e44863c57f59eab47f2271cc VirusTotal Malware Code Injection buffers extracted unpack itself sandbox evasion crashed					6.0	M	44	ZeroCERT

3231	2020-11-22 14:54	vbc.exe 0daef62b8a4b65f7ce2021e21941e32e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed	2 Keyword trend analysis	4	1		12.4	M	49	ZeroCERT

3232	2020-11-22 14:55	vbc2.exe 3d549885e44863c57f59eab47f2271cc VirusTotal Malware Code Injection buffers extracted unpack itself sandbox evasion DNS crashed					6.6	M	44	ZeroCERT

3233	2020-11-22 14:58	vbc3.exe bf75ed61e1b1f7b310ec1d999077c4dd VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself malicious URLs	10 Keyword trend analysis Info http://www.qzrpxx.com/o56q/?AdpLIhj=P2eb/knzekVWtTLKqAP1FhOrr8Fv7hbpHOs/hGmiCsR6+dL7XpK3jSWWK4y62PvCwZCP1G7u&EZ442V=IdnTot2PhnQT http://www.kamisbet.com/o56q/?AdpLIhj=VKLKGhk3Pe2OjeCfLw6g1+470HcCMM4KU97S7s7eStMeb/8KEmVIsOCWQTjbYjSr+CVdjHnL&EZ442V=IdnTot2PhnQT http://www.natcandy.com/o56q/ http://www.natcandy.com/o56q/?AdpLIhj=txyYMtCLm6ubKNHi3qYYn+5SCVWoTymC4Fy9/8gvc5WTXTsch9hYV90QltEHWjVeSRlmmpSg&EZ442V=IdnTot2PhnQT http://www.qzrpxx.com/o56q/ http://www.teelinkz.com/o56q/?AdpLIhj=kNK7qyUppsx1QRLwDQjm/XfEOCgL/rCBvS1q+B2CMQED5QxzM1Z/xLEIYMidk8SKLw+i55Nq&EZ442V=IdnTot2PhnQT http://www.kamisbet.com/o56q/ http://www.620harbourdrive.com/o56q/ http://www.teelinkz.com/o56q/ http://www.620harbourdrive.com/o56q/?AdpLIhj=oBhdXTojpWNHoEp6WHKMn+PMMmogcfgwxJ2vT9od1Z59LPoNEbYBbxB/kh93ERTUpLr6YngX&EZ442V=IdnTot2PhnQT	12 Info www.sz360buy.com(160.122.148.234) www.teelinkz.com(34.102.136.180) www.620harbourdrive.com(184.168.131.241) www.natcandy.com(198.54.117.212) www.qzrpxx.com(47.91.170.148) www.kamisbet.com(104.31.91.19) 198.54.117.218 - suspicious 172.67.219.144 34.102.136.180 - suspicious 184.168.131.241 - suspicious 47.91.170.148 160.122.148.234			6.8	M	22	ZeroCERT

3234	2020-11-22 14:58	vHJ9aMdbRpFATd3.exe 526f579a895b5294709684a3f48a6704 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS		1			13.4	M	38	ZeroCERT

3235	2020-11-22 15:02	zxcv.EXE 82a0a0bd6084c5a28081310e75e7f608 VirusTotal Malware RWX flags setting unpack itself Windows DNS crashed					3.8	M	58	ZeroCERT

3236	2020-11-22 15:03	vHJ9aMdbRpFATd3.exe 526f579a895b5294709684a3f48a6704 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS		1			13.4	M	38	ZeroCERT

3237	2020-11-22 15:31	M0021.cab 4a6a30db71e78ff73d46d8d999f51098					0.4			ZeroCERT

3238	2020-11-22 15:42	Setup.exe 1d7b2ef640708b295388ad7f66efd41a					0.6			ZeroCERT

3239	2020-11-22 15:42	vHJ9aMdbRpFATd3.exe 526f579a895b5294709684a3f48a6704 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS		1			13.4	M	38	ZeroCERT

3240	2020-11-22 15:46	winupdate64.log.exe d6c8dfb4e756dfca48068be9160da3ca AutoRuns suspicious privilege unpack itself malicious URLs Windows Advertising crashed					4.8			ZeroCERT

First
Previous
211
212
213
214
215
216
217
218
219
220
Next
Last
Total : 48,320cnts