Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3391	2020-12-01 14:02	mem.exe ffa010213169329c8df764ee0467ba6d VirusTotal Malware Buffer PE Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs					4.8	M	20	ZeroCERT

3392	2020-12-01 14:07	MicrosoftStores.exe e4bec86181d4f9c07ded5fa2ef30b59c VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Browser ComputerName DNS		1	5 Info ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile ET INFO Executable Download from dotted-quad Host ET INFO AutoIt User Agent Executable Request ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		13.4	M	45	ZeroCERT

3393	2020-12-01 18:07	mrtye.exe efde3bc2f9662d8d9993fcfae911f243 Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege MachineGuid Check memory buffers extracted WMI Creates executable files ICMP traffic unpack itself malicious URLs AntiVM_Disk VM Disk Size Check human activity check installed browsers check Windows Browser Email ComputerName Remote Code Execution DNS DDNS crashed		4	2		12.2	M	57	ZeroCERT

3394	2020-12-02 09:04	http://canadiantourismroundtab... 107f4a58dc56c803088abb23d29b279c Dridex VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed		2	5		5.0	M	53	ZeroCERT

3395	2020-12-02 10:13	-PLND-.exe e98484b682e94b45c30877ee9dd2164b VirusTotal Malware unpack itself malicious URLs DNS					3.4	M	45	ZeroCERT

3396	2020-12-02 10:14	NAVALB.exe ad57b8025cdca551f45a0f9a59d1d48b Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed keylogger		4	1		11.8	M	48	ZeroCERT

3397	2020-12-02 10:16	-rtmd-aobhjl9zjaaaxdocaerffwam... e98484b682e94b45c30877ee9dd2164b VirusTotal Malware unpack itself malicious URLs					2.8	M	45	ZeroCERT

3398	2020-12-02 10:16	Setup.exe 8eee25e77e3da8b32bd1577a7f8117c2 VirusTotal Malware suspicious privilege Checks debugger WMI unpack itself ComputerName crashed					4.0	M	52	ZeroCERT

3399	2020-12-02 10:20	Vmvbtbdt2.exe 7203880efa4719257626e79f05b5c9e3 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS					9.2	M	40	ZeroCERT

3400	2020-12-02 10:20	vbc.exe 4717a017f79ee99297bcd249b8a0b9f1 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Checks Bios Detects VirtualBox malicious URLs VMware anti-virtualization Windows ComputerName Software					8.2	M	47	ZeroCERT

3401	2020-12-02 10:22	Vmvbtbdt2.exe 7203880efa4719257626e79f05b5c9e3 VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows		3			9.4	M	40	ZeroCERT

3402	2020-12-02 10:23	web.exe bf613fe70f790d4b932601daa60a8797 VirusTotal Malware Buffer PE Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs DNS					5.6	M	37	ZeroCERT

3403	2020-12-02 10:37	winappruntime1.exe a1f8ce4fa5149e128a8edaa885b2c9bd Browser Info Stealer VirusTotal Malware Malicious Traffic Checks debugger unpack itself Checks Bios Detects VirtualBox Detects VMWare Check virtual network interfaces malicious URLs VMware anti-virtualization Tofsee Windows Browser ComputerName DNS crashed		3	1		10.8	M	28	ZeroCERT

3404	2020-12-02 10:38	xpertorigin.exe 7fe00b8a8d95b0e3168a17834f4b355a Browser Info Stealer FTP Client Info Stealer Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger		6	1		16.2	M		ZeroCERT

3405	2020-12-02 10:39	S3w3ZsAA.exe d91271a9f0236cf9391a3f5581dcd3c8 malicious URLs		2			0.8			조광섭

First
Previous
221
222
223
224
225
226
227
228
229
230
Next
Last
Total : 48,320cnts