Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
44956	2020-11-26 13:31	Wzdgpx2.exe 9750537a76d3cd8981eb129559dd8e81 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces Tofsee ComputerName	1 Keyword trend analysis	2	1		3.2	M	19	ZeroCERT

44957	2020-11-26 13:28	svchost.exe 69513930e28e86aae5bcfa92f6b89262 VirusTotal Malware malicious URLs WriteConsoleW DNS		1			4.4	M	65	ZeroCERT

44958	2020-11-26 13:26	run.exe 68cb8eb46036dee49f5dbcb95594660a VirusTotal Malware PDB Check memory Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Browser		2			7.2	M	66	ZeroCERT

44959	2020-11-26 12:17	prowarzstepgodz.exe 4f9226e8dc633386bfb1e4a201b732ac Malware download Malware PDB suspicious privilege Malicious Traffic Creates executable files AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		8.0	M		ZeroCERT

44960	2020-11-26 12:16	prowarzgalaxyz.exe aeb8c6e4bd873e955e0a4868ad38e540 Malware download VirusTotal Malware PDB suspicious privilege Malicious Traffic Creates executable files ICMP traffic AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser DNS Downloader		3	8 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET MALWARE Possible Malicious Macro EXE DL AlphaNumL ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		10.0	M	65	ZeroCERT

44961	2020-11-26 11:39	ov6a7cu.jpg.exe d3b2e2e305010b207712b4faaa9e8436 VirusTotal Malware unpack itself Remote Code Execution DNS crashed					3.2	M	51	ZeroCERT

44962	2020-11-26 11:38	nhzreport20.exe 7a74af0feccf3f3a19bb5f33f4aba409 VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs DNS	1 Keyword trend analysis	1			4.8	M	41	ZeroCERT

44963	2020-11-26 11:35	GKy0gZW2U5ZFfi3.exe 7ed3dddb228ebd374d05d0c7b10f5ec8 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					15.2	M	50	ZeroCERT

44964	2020-11-26 11:35	fYVOqo8l9OOcKJN.exe b38cb5b76f1743869c7e93575f7f8a05 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					14.6	M	46	ZeroCERT

44965	2020-11-26 11:26	fO8WPFWzbC3gexr.exe 5960c5688e1a3a5040265fd608fffab2 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS crashed					14.0	M	44	ZeroCERT

44966	2020-11-26 11:25	ErQiBmn8cFITjnV.exe 393f16e9d2b10145cc148a9a6413fe51 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					12.8	M	45	ZeroCERT

44967	2020-11-26 10:52	fO8WPFWzbC3gexr.exe 5960c5688e1a3a5040265fd608fffab2 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					14.6	M	44	ZeroCERT

44968	2020-11-26 10:51	ErQiBmn8cFITjnV.exe 393f16e9d2b10145cc148a9a6413fe51 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					12.2	M	45	ZeroCERT

44969	2020-11-26 10:45	ErQiBmn8cFITjnV.exe 393f16e9d2b10145cc148a9a6413fe51 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					14.0	M	45	guest

44970	2020-11-26 10:45	Documents.exe 38277d6e24f7210e5b8d77a337ae51d1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs	1 Keyword trend analysis	3			9.0	M	36	guest