Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3451	2020-12-02 22:41	128.exe 4c8d506e1cb5b27e77c237eaf2c032c0 Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Browser Email ComputerName DNS Software		1	3		17.0	M	46	ZeroCERT

3452	2020-12-02 22:49	app3-Italian.exe b7ff1574a5e7a17dda1e6c0f55e46324 VirusTotal Malware Check memory WMI unpack itself malicious URLs ComputerName Remote Code Execution					4.4	M	39	ZeroCERT

3453	2020-12-02 22:50	ACVi5thpc2g7rav.exe 38c36c621e2d3240a43e2065662d0b44 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed		4	4		12.4	M	42	ZeroCERT

3454	2020-12-02 22:56	Benz.exe ad07e504c28e59cfeab0f7192c8aec45 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					11.2	M	38	ZeroCERT

3455	2020-12-02 22:57	bot.exe 993837f7c329519cbc134b742407214b VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Auto service Check virtual network interfaces AppData folder malicious URLs sandbox evasion WriteConsoleW IP Check Tofsee Windows ComputerName DNS Cryptographic key keylogger		12 Info crt.comodoca.com(91.199.212.52) dogechain.info(104.26.3.232) api.ipify.org(23.21.42.25) cnc.c25e6559668942.xyz(193.239.147.105) - malware pool.hashvault.pro(131.153.76.130) - mailcious www1.c25e6559668942.xyz(84.16.234.240) 172.67.71.222 104.28.5.151 193.239.147.105 - malware 184.73.247.141 91.199.212.52 131.153.76.130	12 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile ET INFO AutoIt User Agent Executable Request ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016 ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS IRC - NICK and Possible Windows XP/7 ET HUNTING SUSPICIOUS IRC - NICK and Win ET CHAT IRC PONG response ET CHAT IRC PING command ET CHAT IRC USER command ET CHAT IRC NICK command ET CHAT IRC JOIN command		15.6	M	45	ZeroCERT

3456	2020-12-02 22:58	Benz.exe ad07e504c28e59cfeab0f7192c8aec45 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					10.6	M	38	ZeroCERT

3457	2020-12-02 23:06	boz.exe 6bee90af83b5ba825463e3b3ef37c2c5 Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Browser Email ComputerName DNS Software		1	3		16.0	M	40	ZeroCERT

3458	2020-12-02 23:10	case6796.xls 6b74a575e48ab50af18b09c44a83867c unpack itself malicious URLs					1.2	M		ZeroCERT

3459	2020-12-02 23:15	cat1.exe d9e402762e546c0046ad4748778472e1 FTP Client Info Stealer VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Remote Code Execution Software					3.4	M	5	ZeroCERT

3460	2020-12-02 23:16	ch.exe 6c73c653de5014b11474e0a79605477b VirusTotal Malware AutoRuns Check memory RWX flags setting unpack itself malicious URLs anti-virtualization Windows DNS					5.4	M	26	ZeroCERT

3461	2020-12-02 23:21	chief.exe f18c574ef4ad6839eab6738cada4eb31 Malware download Azorult VirusTotal Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Browser ComputerName DNS	1 Keyword trend analysis	1	2	1	10.8	M	51	ZeroCERT

3462	2020-12-02 23:24	chromium.exe f20f5ad4b8d13a4fb00275480075d145 Browser Info Stealer Malware download Vidar VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Malicious Traffic Check memory Checks debugger WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check installed browsers check OskiStealer Stealer Windows Browser ComputerName DNS		2	3		14.0	M	57	ZeroCERT

3463	2020-12-02 23:25	d.exe fad893eedfeba43fc054f30cf002d8ba Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Browser Email ComputerName DNS Software		1	3		14.8	M	34	ZeroCERT

3464	2020-12-02 23:36	Frankfileee.exe 4bf6a72dfeb47a08fd656b57205bae3e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					14.0	M	46	ZeroCERT

3465	2020-12-02 23:37	host.exe e91d1087dc9767e75f14b335c8d88233 VirusTotal Malware Buffer PE Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs DNS					5.8	M	46	ZeroCERT

First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 48,320cnts