Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44236	2020-12-30 16:13	s.png 1d4654e47e61992054ead321f01f500a VirusTotal Malware PDB Check memory Checks debugger WMI unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName crashed		2	1		3.4	M	8	guest

44237	2020-12-30 16:10	WZTKNIPL9G.doc 890529f87a0e9a8818f5c09fa3b78190 Vulnerability VirusTotal Malware Report Malicious Traffic unpack itself malicious URLs Tofsee DNS		14 Info thexanhmy.com(103.116.105.65) - malware www.adnlight.com(31.24.154.183) - malware www.taylordbackups.com(172.67.134.70) - mailcious www.shortnr.xyz(205.196.222.8) - mailcious nicoblogroms.com(104.27.174.230) - mailcious valenciancountry.com(151.80.40.117) - malware 104.27.174.230 151.80.40.117 - malware 31.24.154.183 - malware 24.164.79.147 - mailcious 172.67.134.70 205.196.222.8 - mailcious 74.58.215.226 - mailcious 103.116.105.65 - mailcious	2		6.4	M	30	guest

44238	2020-12-30 16:08	rO2RgSKfsrmk.dll 4edaa3f823ee280d979ee326df5a5761 VirusTotal Malware Check memory unpack itself crashed					2.4	M	20	guest

44239	2020-12-30 16:03	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 unpack itself crashed					1.4			guest

44240	2020-12-30 16:00	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 Check memory unpack itself crashed					1.6			guest

44241	2020-12-30 15:56	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 unpack itself crashed					1.4			guest

44242	2020-12-30 15:53	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 unpack itself crashed					1.0			guest

44243	2020-12-30 15:50	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 Check memory unpack itself crashed					1.2			guest

44244	2020-12-30 15:48	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 unpack itself crashed					1.0			guest

44245	2020-12-30 15:47	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 Check memory unpack itself crashed					1.2			guest

44246	2020-12-30 15:21	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 Check memory unpack itself DNS crashed	1 Keyword trend analysis	1	2		2.2			guest

44247	2020-12-30 15:12	ddmFdMlJPTe.dll 7a2c605d0319735cc9731068755fbfb4 VirusTotal Malware Report Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	3	3		7.8	M	23	r0d

44248	2020-12-30 15:09	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 Check memory unpack itself DNS crashed	1 Keyword trend analysis	1	2		2.2			guest

44249	2020-12-30 15:07	VK-7943 Medical report COVID-1... 269501eeb73d9e3f1d039ad945bee4d9 Vulnerability Malware Report Malicious Traffic unpack itself malicious URLs Windows DNS	1 Keyword trend analysis	6	5 Info ET CNC Feodo Tracker Reported CnC Server group 21 ET POLICY PE EXE or DLL Windows file download HTTP ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download ET INFO EXE - Served Attached HTTP ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging)		5.4	M		r0d

44250	2020-12-30 15:02	Q76T.dll bf6a524f5543cde20b6fb911edb2a467 Check memory unpack itself DNS crashed	1 Keyword trend analysis	1	2		2.2			guest