Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3571	2020-12-05 21:26	vbc.exe 5ab9f695129d6509186bcc05baab0f7e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Software		1			13.8	M	46	ZeroCERT

3572	2020-12-05 21:27	vbc2.exe 2ddd5d153ac811ba0aced89b7355c46e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed					10.8	M	50	ZeroCERT

3573	2020-12-05 21:34	vdc.exe f10cd98e8df73e2b61b07d9109fad279 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis	3	1		12.0	M	39	ZeroCERT

3574	2020-12-05 21:34	windows.exe 5fe400f1996dbd5de9a08aaca6247691 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Windows DNS Cryptographic key		1			4.2	M	47	ZeroCERT

3575	2020-12-05 21:40	xzx.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					10.0		21	ZeroCERT

3576	2020-12-05 21:43	xzx.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis	4			11.8		21	ZeroCERT

3577	2020-12-05 21:43	zeppelin.exe 43a791cfe3e906f15a432943088450a1 Emotet VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW shadowcopy delete Turn off Windows Error Recovery notification window IP Check Tofsee Ransomware Windows ComputerName DNS crashed	4 Keyword trend analysis	5	2		16.2	M	61	ZeroCERT

3578	2020-12-05 21:50	Zo2un9fbw9ViahZ.exe 54c6ab9b65394bed4ba14597527e6b0c Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox Check virtual network interfaces suspicious process AppData folder WriteConsoleW VMware anti-virtualization IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		15.6	M	44	ZeroCERT

3579	2020-12-05 21:50	64.exe 7ad391e28c21103220b470a1cad04031 VirusTotal Malware unpack itself malicious URLs DNS					3.2	M	55	ZeroCERT

3580	2020-12-05 22:00	Cfilee.exe 62cc2122b768585dfa5eb344d643a699 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					14.2	M	42	ZeroCERT

3581	2020-12-05 22:01	document.doc fd6c617a0e1b28942efe0c2586efd2fb Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed		1	6 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.4	M	30	ZeroCERT

3582	2020-12-05 22:14	order.exe 7233609dce6e7f86b1069a088271232e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					10.2	M	41	ZeroCERT

3583	2020-12-05 22:15	QRXeOdUBgWSfG3o.exe 07bebed55929a95310513fe0a46f0c8c VirusTotal Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					9.8	M	46	ZeroCERT

3584	2020-12-07 09:52	order.exe 7233609dce6e7f86b1069a088271232e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					10.2	M	46	ZeroCERT

3585	2020-12-07 09:54	tot.exe 460818c22adbaf5fdac55b38f153e169 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed					12.0	M	47	ZeroCERT

First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 48,320cnts