Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44041	2021-01-07 10:44	7.exe d17b424e6865ccfc1f790313c85347e2 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					7.2	M	46	ZeroCERT

44042	2021-01-06 16:58	130322_FS_Setup.exe 0127495b7b6ec2eeb59684745fbcdf16 VirusTotal Malware Check memory unpack itself crashed					2.0		15	ZeroCERT

44043	2021-01-06 16:49	Memory.dll 497945ee7ca679b7418cac2878bbf5f5 VirusTotal Malware PDB					1.0		27	ZeroCERT

44044	2021-01-06 16:49	Covid.exe e411c3f52ab65f10ee11803cc9690b98 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs ComputerName					4.0		50	ZeroCERT

44045	2021-01-06 16:40	mingup.png.exe 55bcb797020499f04a23fbcbe04bc76c suspicious privilege unpack itself					1.4			ZeroCERT

44046	2021-01-06 16:40	saved.png.exe 7a64c58e79f3d1128eeaa60a98c3cca3 Dridex TrickBot Malware suspicious privilege buffers extracted unpack itself Check virtual network interfaces Kovter ComputerName DNS crashed		3	2		4.6			ZeroCERT

44047	2021-01-06 16:32	J5a.dll 3f1a591c4937db3f9afe9cdc24d93ebd VirusTotal Malware PDB suspicious privilege Malicious Traffic Checks debugger buffers extracted Creates shortcut RWX flags setting unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1		1	8.0	M	28	ZeroCERT

44048	2021-01-06 16:32	dart.exe 74edc4367f0255fe8d975bf6dc564e6b VirusTotal Malware Check memory Checks debugger unpack itself Remote Code Execution DNS					2.8	M	16	ZeroCERT

44049	2021-01-06 16:25	익스플로러_바로열기 (cJqHFuRC2G6109UMtI... 7367b903c1b2b300c5651e8ca924ed35 Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			3		3.8			ZeroCERT

44050	2021-01-06 16:19	익스플로러_바로열기 (cJqHFuRC2G6109UMtI... bd7fb384526f0914a546447d48a62346 Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			3		3.8			ZeroCERT

44051	2021-01-06 16:16	익스플로러_바로열기 (cJqHFuRC2G6109UMtI... bd7fb384526f0914a546447d48a62346 malicious URLs					0.8			ZeroCERT

44052	2021-01-06 15:55	3LDGWARW706.doc c0732c214d0494afe513a1514ae98788 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee DNS		14 Info astrologiaexistencial.com(31.22.4.141) - malware mail.ninosindigochile.cl(104.248.239.10) - mailcious mirvalgroup.com(167.99.163.124) - mailcious walkerswebshop.com(149.255.62.16) - mailcious unimedunihealth.com(104.27.135.101) - mailcious www.dirgantaratuba.com(202.67.13.163) - mailcious wp.gensoukyou.org(104.31.65.148) - mailcious 104.248.239.10 - mailcious 31.22.4.141 - malware 149.255.62.16 - mailcious 202.67.13.163 - mailcious 167.99.163.124 - mailcious 104.27.134.101 172.67.188.124	1		6.4	M	35	ZeroCERT

44053	2021-01-06 15:55	cTHpZsqIli.dll 6f84430dd332eb84e49f6b74319c7920 VirusTotal Malware PDB suspicious privilege Checks debugger buffers extracted Creates shortcut RWX flags setting unpack itself malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Windows Browser Advertising ComputerName DNS Cryptographic key crashed		2	1		8.8	M	24	ZeroCERT

44054	2021-01-06 15:19	JIYAOcNz9PnnHBPR8IE.dll 8c5d3647e0f6ddc816f68672d676e185 Checks debugger RWX flags setting unpack itself sandbox evasion					2.6	M		ZeroCERT

44055	2021-01-06 15:19	aLOKKbSPhUWqcVCXI.dll ecad7f36a5e3c8fe798c5b04b50cd1a4 VirusTotal Malware Checks debugger RWX flags setting unpack itself sandbox evasion					3.2		12	ZeroCERT