Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44101	2021-01-06 10:21	003982.xls 1d97c6cb50c4107498e4f0e76f539f0c Dridex VirusTotal Malware Creates executable files unpack itself malicious URLs Tofsee DNS		2	3		4.6	M	11	ZeroCERT

44102	2021-01-06 10:19	BavwKzfNo6hxk.dll 9d7b87ffd95d99fd6116b9903905ed5d VirusTotal Malware PDB Checks debugger unpack itself					2.4	M	24	ZeroCERT

44103	2021-01-06 10:12	5bYDAStoeJnLmro.exe 1c1bdd57483bbfbb497b4596be12b053 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows ComputerName DNS keylogger	1 Keyword trend analysis	3	1		14.8	M	19	ZeroCERT

44104	2021-01-06 10:12	9B6B5MH2MQOSO7G.doc 03f2d43afd5248f0c4a7e34089da69c5 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee Windows DNS	1 Keyword trend analysis	5	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)	1	5.4	M	32	ZeroCERT

44105	2021-01-06 10:06	gfers.exe 46c84e26e75238c5c743e1e4a7f51291 VirusTotal Malware unpack itself Remote Code Execution					3.2	M	44	r0d

44106	2021-01-06 10:01	ZyItXvsE7HAYNVDosaf9.dll 54137e29f5a9215a5149a8a500713bb7 VirusTotal Malware PDB Checks debugger unpack itself					2.4	M	21	r0d

44107	2021-01-06 09:14	VUF3IMQ.doc 649f2a420a81de4b4ad455ad108ebcde Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee Windows DNS	2 Keyword trend analysis	5	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)	1	5.4	M	34	ZeroCERT

44108	2021-01-06 09:11	ZyItXvsE7HAYNVDosaf9.dll 54137e29f5a9215a5149a8a500713bb7 VirusTotal Malware PDB Checks debugger unpack itself					2.4	M	21	ZeroCERT

44109	2021-01-05 18:00	Ko13uJi9Bl72A.dll baa3b73eb44661d2344fa8937abb80b6 VirusTotal Malware PDB Checks debugger unpack itself					2.0	M	9	ZeroCERT

44110	2021-01-05 17:46	gfers.exe 46c84e26e75238c5c743e1e4a7f51291 VirusTotal Malware unpack itself Remote Code Execution					3.0	M	31	ZeroCERT

44111	2021-01-05 17:45	Ko13uJi9Bl72A.dll baa3b73eb44661d2344fa8937abb80b6 VirusTotal Malware PDB Checks debugger unpack itself					2.0	M	9	ZeroCERT

44112	2021-01-05 17:23	7tehkFO89i.dll cb30d172ddbb89fba055752fbe2a1c40 VirusTotal Malware PDB Checks debugger unpack itself					2.0		9	ZeroCERT

44113	2021-01-05 17:23	bQMEU4cxOsvWqLu.dll 10da945d47add24cb0a8772a6d377cfa VirusTotal Malware PDB Checks debugger unpack itself					2.0		8	ZeroCERT

44114	2021-01-05 16:12	6VT6V4ZZKLI.doc 9ee696912dd9b1abc7eac2bd9b7cd801 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS	1 Keyword trend analysis	3	4	1	5.2	M	20	guest

44115	2021-01-05 16:12	OXT1RTQ220SEKO8.doc 270cd0aeb2ee2dd4d04ebe2d03b64d47 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS	1 Keyword trend analysis	3	4	1	5.2	M	20	guest