Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
45016	2020-11-24 11:43	clop2.exe 92d0ca02e6874926e5b5fe7cf7351d7b VirusTotal Malware malicious URLs WriteConsoleW					2.4		46	ZeroCERT

45017	2020-11-24 11:36	clop.exe 4dfb145cec1456cf6cf145f32f01ceff VirusTotal Malware Check memory unpack itself malicious URLs ComputerName DNS crashed					3.6		45	ZeroCERT

45018	2020-11-24 11:36	vbc2.exe 44150226048cd14567ce9874c0b549fc VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Windows Cryptographic key	3 Keyword trend analysis	2	1		8.8	M	27	ZeroCERT

45019	2020-11-24 11:28	vbc.exe 6804a885c77f6f5379cea37439f47eaf VirusTotal Malware DNS		2			3.4	M	54	ZeroCERT

45020	2020-11-24 11:28	svch.exe 2aa72d8ddee42fde91878cffe0ac139e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed	2 Keyword trend analysis	4	1		10.0	M	49	ZeroCERT

45021	2020-11-24 11:23	presh.exe 174928672b2339c57a6882125957e672 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows	2 Keyword trend analysis	4			10.0	M	45	ZeroCERT

45022	2020-11-24 11:20	Spoof_123.exe 48075a122eb84fc077fb80e59d3834ed VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS					3.2	M	51	ZeroCERT

45023	2020-11-24 11:20	presh.exe 174928672b2339c57a6882125957e672 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					8.0	M	45	ZeroCERT

45024	2020-11-24 10:42	presh.doc 04fb044011085bc906ede48c396020c5 VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed	2 Keyword trend analysis	5	5 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.2	M	25	ZeroCERT

45025	2020-11-24 10:33	Ohms.exe 3070eba41971269de72494cb416f60cf VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					14.8	M	19	ZeroCERT

45026	2020-11-24 10:33	li.exe 59dbb16e78443176b4411b03e2e4598a Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted ICMP traffic unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	1 Keyword trend analysis	4	5		14.8	M	37	ZeroCERT

45027	2020-11-24 10:10	in.exe a1fe6cc921fb6ac3c10d11c4ed1a0b01 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS					8.2	M	24	ZeroCERT

45028	2020-11-24 10:09	ewa.exe 80c6700fc3546cb510e5cd7497d13d7a VirusTotal Malware Check memory Checks debugger unpack itself					2.2	M	34	ZeroCERT

45029	2020-11-24 10:02	ewa.exe 80c6700fc3546cb510e5cd7497d13d7a VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS crashed					15.2	M	34	ZeroCERT

45030	2020-11-24 10:00	app.exe 9664af963ef2d8889eeadd49c4b097e7 VirusTotal Malware unpack itself malicious URLs					2.4		21	ZeroCERT