Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3556	2020-12-05 14:55	CNsF60DZWxKsruz.exe 217eb71821d9bbc6d45ac8f779dac415 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		12.4	M	46	ZeroCERT

3557	2020-12-05 14:57	cat.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	4			10.8		21	ZeroCERT

3558	2020-12-05 15:00	Document.doc 3eb3e5dc0602f16df7b56c73b0286c14 VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Exploit DNS crashed	1 Keyword trend analysis	2			5.2	M	29	ZeroCERT

3559	2020-12-05 15:01	exec.vbs 263982dde8e02ce8000fa16c41bba4e1 VirusTotal Malware suspicious privilege Check memory WMI Windows utilities Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS					7.8	M	6	ZeroCERT

3560	2020-12-05 15:08	fmf.exe f54c36e34325f948dcd6149b97a54e16 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed					12.0	M	41	ZeroCERT

3561	2020-12-05 15:09	explorer.exe 34f69bb999cdcd848a03ed5f818ece74 VirusTotal Cryptocurrency Miner Malware Cryptocurrency suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Auto service Check virtual network interfaces malicious URLs Windows ComputerName Cryptographic key		2	1		10.0	M	39	ZeroCERT

3562	2020-12-05 15:16	fmf.exe f54c36e34325f948dcd6149b97a54e16 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed		1			10.8	M	41	ZeroCERT

3563	2020-12-05 20:41	hvnc.exe cc0a01705f36cfda180bdefd9f5e5546 VirusTotal Malware Check memory buffers extracted DNS		1			2.8	M	51	ZeroCERT

3564	2020-12-05 20:42	M4hG5vM7xsh6UtV.exe 9941320d5c52f506797d60adaea602e3 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VMware anti-virtualization VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Software	1 Keyword trend analysis	1	5		20.6	M	47	ZeroCERT

3565	2020-12-05 21:02	Q2ANYkCXSvnnbyu.exe d640cba456dbd9d81ac8b9644bda9319 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS		1			13.6	M	43	ZeroCERT

3566	2020-12-05 21:03	regasm.exe 836e51010d4dbb13353863bab000ea45 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName Trojan DNS Software	1 Keyword trend analysis	2	9 Info ET INFO DNS Query for Suspicious .ga Domain ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2		15.2	M	48	ZeroCERT

3567	2020-12-05 21:06	sds.exe a96253a4b8d3dc0d9cece5aa9145813d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					9.8		19	ZeroCERT

3568	2020-12-05 21:07	SPUpSvc.exe 7702048dd4f9a0c0633077053937101e VirusTotal Malware DNS					2.4	M	15	ZeroCERT

3569	2020-12-05 21:11	sds.exe a96253a4b8d3dc0d9cece5aa9145813d VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis	4			11.4		19	ZeroCERT

3570	2020-12-05 21:11	Statement.doc 05b75bd6bc817a75afee29cd4aad22a4 Vulnerability VirusTotal Malware unpack itself malicious URLs DNS					4.4	M	25	ZeroCERT

First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 48,320cnts