Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3316	2020-11-26 10:16	CFILEE.exe 018460c9c7fba779d2c0b79c824ad5d4 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName					7.8	M	41	ZeroCERT

3317	2020-11-26 10:17	chrome.exe eefab6a739efad4b904ee832f9179985 VirusTotal Malware AutoRuns Code Injection Check memory Creates executable files Windows utilities malicious URLs WriteConsoleW Windows DNS keylogger		2			9.8	M	63	ZeroCERT

3318	2020-11-26 10:24	config2.json.exe db50f0059022bc9532961ea296494f03 VirusTotal Malware unpack itself malicious URLs crashed					2.4	M	22	ZeroCERT

3319	2020-11-26 10:31	document.doc 57672c47c193f3a557553cab8126f356 VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed		3	5 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.2	M	27	ZeroCERT

3320	2020-11-26 10:45	Documents.exe 38277d6e24f7210e5b8d77a337ae51d1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs	1 Keyword trend analysis	3			9.0	M	36	guest

3321	2020-11-26 10:45	ErQiBmn8cFITjnV.exe 393f16e9d2b10145cc148a9a6413fe51 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					14.0	M	45	guest

3322	2020-11-26 10:51	ErQiBmn8cFITjnV.exe 393f16e9d2b10145cc148a9a6413fe51 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					12.2	M	45	ZeroCERT

3323	2020-11-26 10:52	fO8WPFWzbC3gexr.exe 5960c5688e1a3a5040265fd608fffab2 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					14.6	M	44	ZeroCERT

3324	2020-11-26 11:25	ErQiBmn8cFITjnV.exe 393f16e9d2b10145cc148a9a6413fe51 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					12.8	M	45	ZeroCERT

3325	2020-11-26 11:26	fO8WPFWzbC3gexr.exe 5960c5688e1a3a5040265fd608fffab2 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS crashed					14.0	M	44	ZeroCERT

3326	2020-11-26 11:35	fYVOqo8l9OOcKJN.exe b38cb5b76f1743869c7e93575f7f8a05 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					14.6	M	46	ZeroCERT

3327	2020-11-26 11:35	GKy0gZW2U5ZFfi3.exe 7ed3dddb228ebd374d05d0c7b10f5ec8 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					15.2	M	50	ZeroCERT

3328	2020-11-26 11:38	nhzreport20.exe 7a74af0feccf3f3a19bb5f33f4aba409 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs DNS	1 Keyword trend analysis	1			4.8	M	41	ZeroCERT

3329	2020-11-26 11:39	ov6a7cu.jpg.exe d3b2e2e305010b207712b4faaa9e8436 VirusTotal Malware unpack itself Remote Code Execution DNS crashed					3.2	M	51	ZeroCERT

3330	2020-11-26 12:16	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files ICMP traffic AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.0	M	65	ZeroCERT

First
Previous
221
222
223
224
225
226
227
228
229
230
Next
Last
Total : 48,320cnts