Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44731	2020-12-07 10:04	uSIcRdpFEAFX35C.exe 7c92c8463015b846cbe9e0fc155ab1d4 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW VMware anti-virtualization IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		15.4	M	50	ZeroCERT

44732	2020-12-07 10:04	UGOFILE.exe a118146135570c780e1102afd3b5b135 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					16.0	M	44	ZeroCERT

44733	2020-12-07 09:54	tot.exe 460818c22adbaf5fdac55b38f153e169 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed					12.0	M	47	ZeroCERT

44734	2020-12-07 09:52	order.exe 7233609dce6e7f86b1069a088271232e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					10.2	M	46	ZeroCERT

44735	2020-12-05 22:15	QRXeOdUBgWSfG3o.exe 07bebed55929a95310513fe0a46f0c8c VirusTotal Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					9.8	M	46	ZeroCERT

44736	2020-12-05 22:14	order.exe 7233609dce6e7f86b1069a088271232e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key crashed					10.2	M	41	ZeroCERT

44737	2020-12-05 22:01	document.doc fd6c617a0e1b28942efe0c2586efd2fb Malware download VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed		1	6 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.4	M	30	ZeroCERT

44738	2020-12-05 22:00	Cfilee.exe 62cc2122b768585dfa5eb344d643a699 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					14.2	M	42	ZeroCERT

44739	2020-12-05 21:50	64.exe 7ad391e28c21103220b470a1cad04031 VirusTotal Malware unpack itself malicious URLs DNS					3.2	M	55	ZeroCERT

44740	2020-12-05 21:50	Zo2un9fbw9ViahZ.exe 54c6ab9b65394bed4ba14597527e6b0c Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox Check virtual network interfaces suspicious process AppData folder WriteConsoleW VMware anti-virtualization IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		15.6	M	44	ZeroCERT

44741	2020-12-05 21:43	zeppelin.exe 43a791cfe3e906f15a432943088450a1 Emotet VirusTotal Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Checks debugger WMI Creates executable files ICMP traffic unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW shadowcopy delete Turn off Windows Error Recovery notification window IP Check Tofsee Ransomware Windows ComputerName DNS crashed	4 Keyword trend analysis	5	2		16.2	M	61	ZeroCERT

44742	2020-12-05 21:43	xzx.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis	4			11.8		21	ZeroCERT

44743	2020-12-05 21:40	xzx.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					10.0		21	ZeroCERT

44744	2020-12-05 21:34	windows.exe 5fe400f1996dbd5de9a08aaca6247691 VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces Windows DNS Cryptographic key		1			4.2	M	47	ZeroCERT

44745	2020-12-05 21:34	vdc.exe f10cd98e8df73e2b61b07d9109fad279 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	1 Keyword trend analysis	3	1		12.0	M	39	ZeroCERT