Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3586	2020-12-07 10:04	UGOFILE.exe a118146135570c780e1102afd3b5b135 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					16.0	M	44	ZeroCERT

3587	2020-12-07 10:04	uSIcRdpFEAFX35C.exe 7c92c8463015b846cbe9e0fc155ab1d4 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW VMware anti-virtualization IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		15.4	M	50	ZeroCERT

3588	2020-12-07 10:08	vbc.exe 65e86fe236bbdf389af34b2e8cf8f211 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows Cryptographic key					7.0	M	44	ZeroCERT

3589	2020-12-07 10:09	sds.exe a96253a4b8d3dc0d9cece5aa9145813d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key					12.0	M	44	ZeroCERT

3590	2020-12-07 10:18	http://ddy7itsuemb9i.cloudfron... 54489170004186836278a03ea804c297 Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	2 Keyword trend analysis	2	3		4.2			ZeroCERT

3591	2020-12-07 10:29	l3j9d.exe 115b08b31b94ea10abe9de2764f26e24 VirusTotal Malware unpack itself					2.4		40	r0d

3592	2020-12-07 10:38	1_4_3.xls 890522e2846bc9ae0ee808db164ccdb5 Dridex VirusTotal Malware Creates executable files unpack itself malicious URLs Tofsee		2	3		4.0	M	25	ZeroCERT

3593	2020-12-07 10:38	conhosts.exe a9e34ef1f1dd7f773bc6941d9b9e3ad9 VirusTotal Malware AutoRuns Code Injection Check memory Creates executable files Windows utilities malicious URLs WriteConsoleW Windows DNS keylogger		2			8.6	M	58	ZeroCERT

3594	2020-12-07 10:43	dev.exe a96253a4b8d3dc0d9cece5aa9145813d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key					11.0	M	44	ZeroCERT

3595	2020-12-07 10:45	lv.exe 71a1b9ea48dc4af9f3a0750be7b621b2 Cryptocurrency Miner Cryptocurrency AutoRuns suspicious privilege Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Checks Bios Detects VMWare suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VMware anti-virtualization IP Check VM Disk Size Check Windows Tor ComputerName DNS crashed	1 Keyword trend analysis	12	8 Info ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 190 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 360 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 792 ET POLICY TLS possible TOR SSL traffic ET POLICY External IP Lookup ip-api.com ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 828 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 719 ET POLICY Cryptocurrency Miner Checkin		13.6			ZeroCERT

3596	2020-12-07 10:47	dev.exe a96253a4b8d3dc0d9cece5aa9145813d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key		1			10.4	M	44	ZeroCERT

3597	2020-12-07 10:58	pipsanet.exe c034bcd052ce55471088ff3c367dfcec unpack itself Remote Code Execution					1.6	M		ZeroCERT

3598	2020-12-07 10:59	tasksmgr.exe 1531789c1af6e12b18ee39a1b2c607be VirusTotal Malware RWX flags setting unpack itself Disables Windows Security malicious URLs Windows crashed					5.0	M	63	ZeroCERT

3599	2020-12-07 10:59	Marry.png.exe d902eaa925495109b9beaf4126a7fec0 VirusTotal Malware PDB unpack itself					2.0	M	11	ZeroCERT

3600	2020-12-07 11:01	xpertee.exe 2e6f05e8245b62297355f070a6f966df VirusTotal Malware RWX flags setting unpack itself Disables Windows Security malicious URLs Windows crashed					5.0	M	63	ZeroCERT

First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 48,320cnts