Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3526	2020-12-03 14:59	pp.exe a34aada9a4773e1c8f43cd4cc96f93d4 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName DNS		1			9.8	M	25	ZeroCERT

3527	2020-12-03 15:03	pp.exe a34aada9a4773e1c8f43cd4cc96f93d4 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName DNS		1			9.2	M	25	ZeroCERT

3528	2020-12-03 16:11	qstdzs_xzkddmb_3.exe c662865d0988233a9f9f8638fd3603e9 VirusTotal Malware unpack itself malicious URLs DNS					4.2	M	30	ZeroCERT

3529	2020-12-03 16:12	pythonhs.exe 71b9115fa9e0c3614df410afb1c4d8d3 VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Malicious Traffic Check memory unpack itself Auto service suspicious process malicious URLs sandbox evasion Windows Browser DNS	1 Keyword trend analysis	1	1		9.4	M	62	ZeroCERT

3530	2020-12-03 16:15	-RTMD-AAEbMF-2mwAAvhwCAERFFwAS... 8ba6d94eb134e2f6f2cfcb477c371661 VirusTotal Malware unpack itself malicious URLs DNS		1			3.8	M	34	ZeroCERT

3531	2020-12-03 16:17	umu.exe 5d14a94c16571b7876ccb286cdb15893 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed					11.4		15	ZeroCERT

3532	2020-12-03 16:24	umu.exe 5d14a94c16571b7876ccb286cdb15893 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows Cryptographic key					5.8		15	ZeroCERT

3533	2020-12-03 16:25	updatewin2.exe 996ba35165bb62473d2a6743a5200d45 VirusTotal Malware unpack itself Windows Remote Code Execution					3.6	M	64	ZeroCERT

3534	2020-12-03 16:28	wxm.exe c0860ff6100446a4633e5e1b9f0ef6f8 VirusTotal Malware unpack itself malicious URLs					2.4	M	53	ZeroCERT

3535	2020-12-03 16:29	vbc.exe 2aaa15e28835feda9a2e223d82db2126 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Software		1			12.6	M	27	ZeroCERT

3536	2020-12-03 16:41	document.doc 27d241810f2d9343e83a197f1702cd36 VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed Downloader		2	7 Info ET INFO DNS Query for Suspicious .ga Domain ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.2	M	29	ZeroCERT

3537	2020-12-03 16:42	vbc.exe bd49ddf00b88c89d85f4b4f5c95778c4 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Software		1	1		13.8	M	36	ZeroCERT

3538	2020-12-03 18:11	108.msi 4da38b49c3930a8e94f785fd80204aaa VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself malicious URLs AntiVM_Disk VM Disk Size Check ComputerName DNS	1 Keyword trend analysis	1			4.6	M	12	ZeroCERT

3539	2020-12-03 18:11	ayo.exe f2ab91d278df7177635900a32813985b VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder malicious URLs Windows DNS Cryptographic key	6 Keyword trend analysis Info http://www.schobbedeckel.com/coz3/?DzrLW=VBZHT4dPwd24lf&EZU4DD=zWOJXB89j6ErVmSZOmXnA67SP0dbk4tfAP8mMo5+bM1VeyM9d4GZBm/C/PoQZP2cVAaPVYbr http://www.kuiper-lisbonne.com/coz3/ http://www.schobbedeckel.com/coz3/ http://www.4winner.xyz/coz3/ http://www.4winner.xyz/coz3/?EZU4DD=FzJRfMhWRKGiYclJ2fjURHKUBPNrbzlUUrVaU7rnUM0+6b/b9R1IlURCHDhNs/vKkhzr0NIG&DzrLW=VBZHT4dPwd24lf http://www.kuiper-lisbonne.com/coz3/?DzrLW=VBZHT4dPwd24lf&EZU4DD=+J6EpY7BGcbnrHk/EgzqrukiApipIGIoK43fot8tVitmMhl44tuzmxcfYDW2Rp4o3kavQFSI	7			12.8	M	42	ZeroCERT

3540	2020-12-03 18:20	BPnKFS5PfOiBexR.exe 388e384c4c02caac812266f016261f8a VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Tor					9.4	M	38	ZeroCERT

First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 48,320cnts