Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44761	2020-12-05 14:57	cat.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key	2 Keyword trend analysis	4			10.8		21	ZeroCERT

44762	2020-12-05 14:55	CNsF60DZWxKsruz.exe 217eb71821d9bbc6d45ac8f779dac415 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		12.4	M	46	ZeroCERT

44763	2020-12-05 14:52	cat.exe aed69bded2c5920724549a7112b9fecb VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					9.4		21	ZeroCERT

44764	2020-12-05 14:51	brisnew.exe 765aee553a4ea6e7a020b1274f084523 VirusTotal Malware malicious URLs					3.0	M	57	ZeroCERT

44765	2020-12-04 19:54	911,.exe 5fe400f1996dbd5de9a08aaca6247691 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Collect installed applications Check virtual network interfaces malicious URLs IP Check installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	9	2		10.2	M	36	ZeroCERT

44766	2020-12-04 19:54	Agreement.doc 8dbd7494ae3530a9cbdf92417ebd8dbb Vulnerability VirusTotal Malware unpack itself DNS					4.2	M	35	ZeroCERT

44767	2020-12-04 10:28	Agreement.doc 8dbd7494ae3530a9cbdf92417ebd8dbb Vulnerability VirusTotal Malware unpack itself malicious URLs DNS					4.6	M	35	ZeroCERT

44768	2020-12-04 10:28	vbc2.exe 72a6ffd61da66f8ae0d41d1aa8838ce5 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					11.6	M	24	ZeroCERT

44769	2020-12-04 09:33	vbc.exe 1c6ed3bcf41b33fe14fe50272971382b VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder malicious URLs Windows DNS Cryptographic key	4 Keyword trend analysis Info http://www.tiktokautos.com/o56q/?OVlh0R=o2J8lZBhAHJpXv-0&1bO8Ax=XZvhlsgKWxyQ0t1iDDrOveeN+6JSoEY8tfL74Vlf6hXngOdA5J5gxYp9MeI96JITU6uv+3h4 http://www.figg00.club/o56q/ http://www.tiktokautos.com/o56q/ http://www.figg00.club/o56q/?1bO8Ax=a3IEuO38lcLl6LP/puMwnwDcAvM1e3Yg30DqUorEJK/i4Ofib9xnaJ+9HyCEVvh0TwfWa+4f&OVlh0R=o2J8lZBhAHJpXv-0	4			12.2		19	guest

44770	2020-12-04 09:33	usz.exe cd3447e735794c5ade341853fe99d475 VirusTotal Malware RWX flags setting unpack itself malicious URLs Tofsee Interception crashed	1 Keyword trend analysis	4	1		4.8	M	52	guest

44771	2020-12-04 09:26	up.msi 9683fe8119a9058c5b1eacc1c968e5e4 VirusTotal Malware suspicious privilege Check memory Checks debugger Creates shortcut unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Browser ComputerName DNS					5.0	M	12	guest

44772	2020-12-04 09:25	sv.exe d248eb26ef65773b3af209f52224c360 VirusTotal Malware Check memory RWX flags setting unpack itself malicious URLs AntiVM_Disk anti-virtualization VM Disk Size Check					4.0	M	28	guest

44773	2020-12-04 09:04	gfers.exe 5255cbe95f3798371938f310bdee3b0b VirusTotal Malware unpack itself DNS					2.4	M	26	guest

44774	2020-12-04 09:04	fonts.exe 299ae4914e609775310147c16f8ab0e0 VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW human activity check Windows ComputerName DNS DDNS		2	1		12.8	M	51	guest

44775	2020-12-03 18:24	CITOFILEE.exe ca04f1f84bfba357557bc92670a4b12e VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS crashed					15.0	M	42	ZeroCERT