Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
3751	2020-12-15 15:22	fortyseven.scr ffb62e258c1d595d7de22792aef45cca VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows Cryptographic key					5.4	M	18	ZeroCERT

3752	2020-12-15 15:38	fortyseven.scr ffb62e258c1d595d7de22792aef45cca VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows Cryptographic key					5.4	M	18	ZeroCERT

3753	2020-12-15 15:39	heavy.exe d3858ef6f7ab89450aaab1690885da3b VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	4	1		16.2	M	25	ZeroCERT

3754	2020-12-15 16:18	heavy.exe d3858ef6f7ab89450aaab1690885da3b VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Tofsee Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	3	1		15.2	M	37	r0d

3755	2020-12-15 18:11	hktestfile.scr 7da4f5e17791a774131c3c97538a2495 VirusTotal Malware Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					7.8	M	20	guest

3756	2020-12-15 18:11	JFjolfjed_.exe 61ae277818f7f258b41cee010f3914d2 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs Interception DNS crashed	1 Keyword trend analysis	4			6.4	M	39	guest

3757	2020-12-15 18:19	kdotx.scr 4ddf98cd8e5a012c02850f0a988adf2c VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows Cryptographic key					5.8	M	34	guest

3758	2020-12-15 18:19	kingtroupx.scr d16ccfd5f5e6cd6a6324c79c9a66a90a VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows DNS Cryptographic key					6.6	M	40	guest

3759	2020-12-16 09:10	kingtroupxtwo.scr d19c1f5071b995ed4bdefa7dfa86a2f5 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					11.4	M	12	guest

3760	2020-12-16 09:11	KINO.exe e74426f4ab322e220a00be7558b892de VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee ComputerName DNS	1 Keyword trend analysis	2	1		5.4	M	21	guest

3761	2020-12-16 09:13	pdf.exe 48a9add9e1b4b99548e564dfbdcb8a9f VirusTotal Malware MachineGuid Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Tofsee		3	1		4.6	M	42	guest

3762	2020-12-16 09:15	regasm.exe b8561eed84f227c88c7b8d3a106be5ab Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName Trojan DNS Software	1 Keyword trend analysis	2	10 Info ET INFO DNS Query for Suspicious .ga Domain ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	1	15.2	M	49	guest

3763	2020-12-16 09:46	Rep_LI6.doc 8e842b5a5672e46538f5d6fea2275579 Vulnerability VirusTotal Malware unpack itself malicious URLs Windows		2	1		4.2	M	26	guest

3764	2020-12-16 09:46	SkIoKdBiDxtQ2g1.exe 89a6ece185d652883f32474e5c0df7c7 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself suspicious process malicious URLs WriteConsoleW Windows DNS DDNS		2	1		15.6	M	47	guest

3765	2020-12-16 09:50	SkIoKdBiDxtQ2g1.exe 89a6ece185d652883f32474e5c0df7c7 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows DNS DDNS		2	1		14.8	M	47	ZeroCERT

First
Previous
251
252
253
254
255
256
257
258
259
260
Next
Last
Total : 48,345cnts