Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
45061	2020-11-22 14:46	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows	2 Keyword trend analysis	4			10.0	M	43	ZeroCERT

45062	2020-11-22 14:44	stub.exe 0e246d7813b9ea04cac28802062a3ddd Browser Info Stealer Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Stealer Browser	3 Keyword trend analysis	4	2	1	5.2	M	52	ZeroCERT

45063	2020-11-22 14:35	POT.exe 51665d04b5fc3289e64ebb819e29e798 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed					4.0	M	22	ZeroCERT

45064	2020-11-22 14:34	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS					8.6	M	43	ZeroCERT

45065	2020-11-22 14:31	phy__1__31629__2649094674__160... 6bcfa9f7cff3724c68ab9d9a5a7cfa61 VirusTotal Malware Check memory ICMP traffic unpack itself malicious URLs IP Check Remote Code Execution DNS	1 Keyword trend analysis	3	1		6.4	M	37	ZeroCERT

45066	2020-11-22 14:31	light.exe 020bc13012ce4db6e204cb1ed174851e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					10.2	M	49	ZeroCERT

45067	2020-11-21 18:09	fcberhy.exe f8ff17fc416136341f7dcc497b2a1e0a Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Ransomware Browser Email ComputerName Software crashed		2	2		14.2	M	58	ZeroCERT

45068	2020-11-21 18:07	ds2.exe 4cf8df527881a65164126227878a5935 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName DNS Cryptographic key					12.4	M	46	ZeroCERT

45069	2020-11-21 18:07	Ubnccbruoun7.exe 9635d5d0882e7ecd9234af3bfd2efa89 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key		1			10.4	M	50	ZeroCERT

45070	2020-11-21 18:02	topo.exe b0142b51242c66a94498ff06772f0f72 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	4	1		12.0	M	51	ZeroCERT

45071	2020-11-21 18:01	tl2gnGyMz6eLhZG.exe a69d92ca36316018b8f7b2daf8de9980 VirusTotal Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					8.8	M	22	ZeroCERT

45072	2020-11-21 17:54	SK-01068.exe 57cdf27894584678159ff08d2d19061c VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					14.8	M	52	ZeroCERT

45073	2020-11-21 17:53	stub.exe 0e246d7813b9ea04cac28802062a3ddd Browser Info Stealer Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Stealer Browser	2 Keyword trend analysis	4	2		5.2	M	50	ZeroCERT

45074	2020-11-21 17:41	rc.exe 1a328017740757e16cb7ac98df27e043 Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection Malicious Traffic buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AppData folder malicious URLs Tofsee Interception Windows DNS	1 Keyword trend analysis	9	1		16.6	M	47	ZeroCERT

45075	2020-11-21 17:40	QulLipWrkCCy1E8.exe f04af9c18007f88f35490215ae8198a7 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser Email ComputerName DNS Software		1			17.2	M	23	ZeroCERT