Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44371	2020-12-24 16:43	S143.txt.exe b766cc43d649d30e9f27aff8f7ee7de0 VirusTotal Malware Check memory malicious URLs sandbox evasion DNS		2			3.4	M	54	ZeroCERT

44372	2020-12-24 16:43	servis.exe a20399351b23e0bf909677d85c1025cb VirusTotal Malware Buffer PE Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs					4.8	M	23	ZeroCERT

44373	2020-12-24 13:49	rc.exe a93af1e2096c6baa9909f2aa868666e5 Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection Malicious Traffic buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs Tofsee Interception Windows DNS		7	1		13.4	M	29	ZeroCERT

44374	2020-12-24 13:47	ox9.png.exe 68cf96f4bc91628e22e1526d9728990b VirusTotal Malware unpack itself Windows crashed					2.2	M	28	ZeroCERT

44375	2020-12-24 13:44	oscvjkfd.exe 0c0166dba45d03d2b7907707fa7dcdaa Browser Info Stealer Malware download Vidar VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization installed browsers check OskiStealer Stealer Windows Browser Email ComputerName DNS	8 Keyword trend analysis	2	2		19.2	M	40	ZeroCERT

44376	2020-12-24 13:44	7f38e3a99fb22f52_ms.exe d346cb431e94bc1c8399fecfc7db0e84 PDB Check memory RWX flags setting unpack itself Remote Code Execution DNS		1			2.2			ZeroCERT

44377	2020-12-24 13:42	yarobelo.scr c7c46db118df6a8d6c9deb69fa6b765b Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed keylogger	2 Keyword trend analysis	4	1		15.0	M	18	guest

44378	2020-12-24 13:40	Notificacao-Judicial.doc cd929ccba2c3615256dcbf4ea0ef8062 Vulnerability VirusTotal Malware Creates executable files unpack itself malicious URLs					4.6	M	33	ZeroCERT

44379	2020-12-24 13:39	I6NABH.doc 15bbcf602204407d7e9acb87b6f16920 Vulnerability VirusTotal Malware unpack itself malicious URLs DNS					4.0	M	22	ZeroCERT

44380	2020-12-24 11:28	fJFvQerztXQCWBaMQcu6.dll 43af5eee7704a7ce4914a279dad5b8c7 VirusTotal Malware Malicious Traffic Checks debugger RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key		2			7.8	M	13	ZeroCERT

44381	2020-12-24 11:28	Hiring & Working Conditions..d... e7f658ee69fb3bb6f5bd9ae81d2400cd Vulnerability VirusTotal Malware unpack itself malicious URLs					4.0	M	26	ZeroCERT

44382	2020-12-24 10:52	ds2.exe 909bafa3ad6f8f92a6a3f6e43657766b VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName DNS Cryptographic key					11.4	M	27	ZeroCERT

44383	2020-12-24 10:52	ds1.exe a17b2168e387499d984ce735b429c203 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself malicious URLs crashed					8.8	M	33	ZeroCERT

44384	2020-12-24 10:37	ds1.exe a17b2168e387499d984ce735b429c203 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself malicious URLs DNS crashed					9.4	M	33	ZeroCERT

44385	2020-12-24 10:37	ds2.exe 909bafa3ad6f8f92a6a3f6e43657766b VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key					10.8	M	27	ZeroCERT