Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44776	2020-12-03 18:24	Docfilee.exe 0944e0c972d024453b93721fe0f858ac VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					12.6	M	37	ZeroCERT

44777	2020-12-03 18:20	CITOFILEE.exe ca04f1f84bfba357557bc92670a4b12e VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					16.8	M	42	ZeroCERT

44778	2020-12-03 18:20	BPnKFS5PfOiBexR.exe 388e384c4c02caac812266f016261f8a VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Tor					9.4	M	38	ZeroCERT

44779	2020-12-03 18:11	ayo.exe f2ab91d278df7177635900a32813985b VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities AppData folder malicious URLs Windows DNS Cryptographic key	6 Keyword trend analysis Info http://www.schobbedeckel.com/coz3/?DzrLW=VBZHT4dPwd24lf&EZU4DD=zWOJXB89j6ErVmSZOmXnA67SP0dbk4tfAP8mMo5+bM1VeyM9d4GZBm/C/PoQZP2cVAaPVYbr http://www.kuiper-lisbonne.com/coz3/ http://www.schobbedeckel.com/coz3/ http://www.4winner.xyz/coz3/ http://www.4winner.xyz/coz3/?EZU4DD=FzJRfMhWRKGiYclJ2fjURHKUBPNrbzlUUrVaU7rnUM0+6b/b9R1IlURCHDhNs/vKkhzr0NIG&DzrLW=VBZHT4dPwd24lf http://www.kuiper-lisbonne.com/coz3/?DzrLW=VBZHT4dPwd24lf&EZU4DD=+J6EpY7BGcbnrHk/EgzqrukiApipIGIoK43fot8tVitmMhl44tuzmxcfYDW2Rp4o3kavQFSI	7			12.8	M	42	ZeroCERT

44780	2020-12-03 18:11	108.msi 4da38b49c3930a8e94f785fd80204aaa VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself malicious URLs AntiVM_Disk VM Disk Size Check ComputerName DNS	1 Keyword trend analysis	1			4.6	M	12	ZeroCERT

44781	2020-12-03 16:42	vbc.exe bd49ddf00b88c89d85f4b4f5c95778c4 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Software		1	1		13.8	M	36	ZeroCERT

44782	2020-12-03 16:41	document.doc 27d241810f2d9343e83a197f1702cd36 VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed Downloader		2	7 Info ET INFO DNS Query for Suspicious .ga Domain ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.2	M	29	ZeroCERT

44783	2020-12-03 16:29	vbc.exe 2aaa15e28835feda9a2e223d82db2126 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName Software		1			12.6	M	27	ZeroCERT

44784	2020-12-03 16:28	wxm.exe c0860ff6100446a4633e5e1b9f0ef6f8 VirusTotal Malware unpack itself malicious URLs					2.4	M	53	ZeroCERT

44785	2020-12-03 16:25	updatewin2.exe 996ba35165bb62473d2a6743a5200d45 VirusTotal Malware unpack itself Windows Remote Code Execution					3.6	M	64	ZeroCERT

44786	2020-12-03 16:24	umu.exe 5d14a94c16571b7876ccb286cdb15893 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs Windows Cryptographic key					5.8		15	ZeroCERT

44787	2020-12-03 16:17	umu.exe 5d14a94c16571b7876ccb286cdb15893 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed					11.4		15	ZeroCERT

44788	2020-12-03 16:15	-RTMD-AAEbMF-2mwAAvhwCAERFFwAS... 8ba6d94eb134e2f6f2cfcb477c371661 VirusTotal Malware unpack itself malicious URLs DNS		1			3.8	M	34	ZeroCERT

44789	2020-12-03 16:12	pythonhs.exe 71b9115fa9e0c3614df410afb1c4d8d3 VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Malicious Traffic Check memory unpack itself Auto service suspicious process malicious URLs sandbox evasion Windows Browser DNS	1 Keyword trend analysis	1	1		9.4	M	62	ZeroCERT

44790	2020-12-03 16:11	qstdzs_xzkddmb_3.exe c662865d0988233a9f9f8638fd3603e9 VirusTotal Malware unpack itself malicious URLs DNS					4.2	M	30	ZeroCERT