Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3346	2020-11-27 17:37	sxs.exe a59e8de8a970190ecb658bb9d8238e63 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName crashed					10.2	M	28	ZeroCERT

3347	2020-11-27 17:37	vbclient.exe dff805106f7e22c65887f4b40ae63af7 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs WriteConsoleW IP Check ComputerName DNS	1 Keyword trend analysis	2	1		10.2	M	33	ZeroCERT

3348	2020-11-27 17:41	VYAaPkmx0DcECli.exe 8b32cc7f0fea5d2d75340eb71dc808ab VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS					9.4	M	20	ZeroCERT

3349	2020-11-27 17:42	vbclient.exe dff805106f7e22c65887f4b40ae63af7 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs WriteConsoleW IP Check ComputerName crashed	1 Keyword trend analysis	2	1		10.2	M	33	ZeroCERT

3350	2020-11-27 17:42	winlog.exe e54d832cb872b7dc086ab7a7878d38fb VirusTotal Malware suspicious privilege Check memory unpack itself					3.6	M	51	ZeroCERT

3351	2020-11-27 17:44	xqakn8b.jpg.exe 1ba0b20a2d03d8af03a7faa42b06417f VirusTotal Malware unpack itself Remote Code Execution crashed					2.6	M	55	ZeroCERT

3352	2020-11-27 17:46	YAS2231.exe 99b81672c6ec04e7e6e6063b40d9127c VirusTotal Malware PDB suspicious privilege Creates executable files unpack itself AppData folder malicious URLs sandbox evasion ComputerName					4.8	M	51	ZeroCERT

3353	2020-11-27 17:48	Yvvtz1.exe 0d2637cb8d991ba05dd78136d2e01321 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName DNS Cryptographic key crashed					3.4	M	15	ZeroCERT

3354	2020-11-27 17:55	oxiba.exe 9817218c055db1b75d64df2ae2f40f53 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName Cryptographic key	1 Keyword trend analysis	2	1	1	11.2	M	27	ZeroCERT

3355	2020-11-28 09:40	http://115373.com/ 3b7b28992c82645f61bf6329cfa120c2 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	10 Info makemoneywithus.work(188.225.75.54) - mailcious clkfeed.com(173.192.101.21) - mailcious infopicked.com(173.192.101.24) - mailcious p277439.infopicked.com(173.192.101.24) - mailcious 115373.com(47.245.55.138) 47.245.57.170 173.192.101.21 - suspicious 95.216.179.33 173.192.101.24 - suspicious 188.225.75.54 - suspicious	5		5.6	M		guest

3356	2020-11-28 10:10	0mrxdv.exe b7679c443e22238291f5603f016ff56e VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows ComputerName DNS Cryptographic key					4.2		23	ZeroCERT

3357	2020-11-28 10:11	oxiba.exe 9817218c055db1b75d64df2ae2f40f53 Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key crashed keylogger	3 Keyword trend analysis	6	1	1	19.0	M	27	ZeroCERT

3358	2020-11-28 10:15	5901777.pdf.exe 7e26e87ab642008d934824d509559859 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key					3.0	M	38	ZeroCERT

3359	2020-11-28 10:15	Jqeofcirr6.exe 0998148d355b1e7bad7b44558aa4c125 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows ComputerName DNS Cryptographic key					4.4	M	35	ZeroCERT

3360	2020-11-28 10:17	Nmsdmwkbi4.exe 224e779ff4d39ce90878ae3e630197e7 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows ComputerName Cryptographic key					2.8	M	22	ZeroCERT

First
Previous
221
222
223
224
225
226
227
228
229
230
Next
Last
Total : 48,320cnts