Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3421	2020-12-02 16:20	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download njRAT NetWireRC VirusTotal Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS DDNS Downloader		4	10 Info ET MALWARE Bladabindi/njRAT CnC Command (ll) ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY DNS Query to DynDNS Domain *.serveftp .com ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.8	M	63	조광섭

3422	2020-12-02 16:23	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.2	M	63	조광섭

3423	2020-12-02 16:27	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files ICMP traffic AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.0	M	63	조광섭

3424	2020-12-02 16:31	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.8	M	63	조광섭

3425	2020-12-02 16:34	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.8	M	63	조광섭

3426	2020-12-02 16:39	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download njRAT NetWireRC VirusTotal Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS DDNS Downloader		4	10 Info ET POLICY DNS Query to DynDNS Domain *.serveftp .com ET INFO Executable Download from dotted-quad Host ET MALWARE Bladabindi/njRAT CnC Command (ll) ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.4	M	63	조광섭

3427	2020-12-02 16:41	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		4	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.2	M	63	조광섭

3428	2020-12-02 16:43	32.exe 376f65c925a7319f88beee5075cfa944 VirusTotal Malware AutoRuns Check memory Creates executable files Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Remote Code Execution					6.8	M	61	조광섭

3429	2020-12-02 16:45	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.2	M	63	조광섭

3430	2020-12-02 16:46	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.2	M	63	조광섭

3431	2020-12-02 16:50	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files ICMP traffic AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.6	M	63	조광섭

3432	2020-12-02 16:52	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files ICMP traffic AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.0	M	63	조광섭

3433	2020-12-02 16:52	32.exe 376f65c925a7319f88beee5075cfa944 VirusTotal Malware AutoRuns Check memory Creates executable files Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Remote Code Execution					6.8	M	61	조광섭

3434	2020-12-02 17:06	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		9.8	M	63	조광섭

3435	2020-12-02 17:08	32.exe 376f65c925a7319f88beee5075cfa944 VirusTotal Malware AutoRuns Check memory Creates executable files Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Remote Code Execution					6.8	M	61	조광섭

First
Previous
221
222
223
224
225
226
227
228
229
230
Next
Last
Total : 48,320cnts