Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
45541	2020-11-10 11:01	DAYLL.exe 1b557b166ddf21da002086de783f4aa5 VirusTotal Malware Report suspicious privilege buffers extracted unpack itself malicious URLs sandbox evasion ComputerName Remote Code Execution DNS crashed		1	1		7.4	M	54	admin

45542	2020-11-10 10:56	PaymentconfirmationReceipt.Doc... 5d78ff6a171210e8f566ec2dca0390a7 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Windows ComputerName Cryptographic key crashed	1 Keyword trend analysis	2	1		15.4	M	26	SFPark

45543	2020-11-10 10:51	PaymentconfirmationReceipt.Doc... 5d78ff6a171210e8f566ec2dca0390a7 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process AppData folder malicious URLs WriteConsoleW IP Check Windows ComputerName DNS Cryptographic key crashed	1 Keyword trend analysis	3	1		16.2	M	26	guest

45544	2020-11-10 10:50	DAYLL.exe 1b557b166ddf21da002086de783f4aa5 VirusTotal Malware Report suspicious privilege buffers extracted unpack itself malicious URLs sandbox evasion ComputerName Remote Code Execution DNS crashed		1	1		7.4	M	54	guest

45545	2020-11-10 10:47	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	59	guest

45546	2020-11-10 10:43	https://cape-eye.co.za/stubs.e... 9adab0ce1e56a2d28e33b703d77d6ed2 Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed		3	3		4.4			admin

45547	2020-11-10 08:14	http://45.77.191.82/1.docm?=tr... a8a310be2f90fdc024dc34f837e1a13d VirusTotal Malware Malicious Traffic malicious URLs DNS	2 Keyword trend analysis	2			4.6		40	guest

45548	2020-11-10 07:57	https://cape-eye.co.za/stubs.e... 9adab0ce1e56a2d28e33b703d77d6ed2 Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		4	3		5.2			guest

45549	2020-11-10 07:48	http://151.80.220.125/mmc/2684... fdd3a5dc6e98c570521c21ebb03d57d8 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	6 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO Executable Download from dotted-quad Host ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		6.0	M	43	guest

45550	2020-11-09 18:33	whe.exe 1d941f6e024eba5484ec753079921140 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed		1			8.4	M	51	admin

45551	2020-11-09 18:33	thai.exe 90e0d9ec659549f72d2c29bf1369bbe5 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					7.8	M	50	admin

45552	2020-11-09 18:26	JHF-41023.exe f30cee7651131246d28525967c64743e VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName DNS Cryptographic key crashed		1			14.2		13	admin

45553	2020-11-09 18:26	esuerde.exe 152bed595f3e44a195dee429aa152024 Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency Buffer PE suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Ransomware Windows Browser Email ComputerName Cryptographic key Software	1 Keyword trend analysis	2	2		17.6	M	22	admin

45554	2020-11-09 18:21	jiz.exe 057e4c3977443ea8998b7c248d02e99f Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed		1			8.4	M	49	admin

45555	2020-11-09 18:20	elb.exe a6fa3ee5d22ca9677a44527d929b58ca Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					7.8	M	55	admin