Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
45241	2020-11-16 09:55	asdf.EXE 5e1076d2b7b7ba138f08174d602bc167 VirusTotal Malware RWX flags setting unpack itself Windows crashed					3.2		49	admin

45242	2020-11-16 08:53	bd2ac88b645f9a64_windows[1].ms... b10818a90e3ff2f35dd2d6cd1be5386b VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs AntiVM_Disk VM Disk Size Check ComputerName					3.6	M	31	guest

45243	2020-11-16 08:40	http://45.129.2.137/windows.ms... b10818a90e3ff2f35dd2d6cd1be5386b Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3		5.6		31	guest

45244	2020-11-16 08:28	http://kalpvedafoundation.com/... 0f2f74c12a0c35894841633c4a274c7a VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	1 Keyword trend analysis	4	1		4.6			guest

45245	2020-11-16 07:50	rover.exe 0ddc29dca8aa48dda5519a00663a9d7e VirusTotal Malware unpack itself Remote Code Execution					2.2	M	22	admin

45246	2020-11-15 21:45	rover.exe 0ddc29dca8aa48dda5519a00663a9d7e unpack itself Remote Code Execution					1.4			admin

45247	2020-11-15 21:43	lm.exe 2fb76b187bffd19e03ef8a9a75af7966 VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution DNS		3			7.6	M	6	admin

45248	2020-11-15 21:35	lm.exe 2fb76b187bffd19e03ef8a9a75af7966 VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Remote Code Execution		2			7.0		6	admin

45249	2020-11-15 19:58	http://143.92.57.83:8080/o.bat 06d6852d600ec97cef029357ef06c949 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed		2	6 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP		6.4	M	27	guest

45250	2020-11-15 17:47	crss.exe d8bb039f1f1d49caee5018e499583342 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					8.2	M	20	admin

45251	2020-11-15 17:38	crss.exe d8bb039f1f1d49caee5018e499583342 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					10.0	M	20	guest

45252	2020-11-15 12:58	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

45253	2020-11-15 10:00	DTLEP.exe e8d11537236c3439c2c8dda29dfc9a48 VirusTotal Malware AutoRuns Check memory unpack itself Windows Remote Code Execution crashed keylogger					4.6	M	19	guest

45254	2020-11-15 09:48	IntelHAXM.exe 730113ba879c7bee746edb199f9403b7 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs					2.8		50	guest

45255	2020-11-15 00:49	604100.jpg.exe 8a29f0972b9d24e24ed30c0f3bbdeab4 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs Windows ComputerName DNS Cryptographic key crashed		1			12.4	M	25	admin