Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
45856	2020-10-28 10:17	https://valenciaexpresslaundry... 09ecf62b70523317e0631ad7d50b669b Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		3	3		4.8			admin

45857	2020-10-28 10:16	9.scr f0d8f5b7a0e01207efc16af30462944c Malware download Amadey VirusTotal Malware AutoRuns MachineGuid Malicious Traffic Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows Tor ComputerName DNS	3 Keyword trend analysis	7	4		8.2	M	56	admin

45858	2020-10-28 10:15	nono.exe d5e700f8d120095ecfc77edc1476c844 VirusTotal Malware Check memory Checks debugger unpack itself Checks Bios Detects VirtualBox malicious URLs WriteConsoleW VMware anti-virtualization Windows ComputerName Cryptographic key Software					7.6	M	46	admin

45859	2020-10-28 10:12	2.scr f0d8f5b7a0e01207efc16af30462944c Malware download Amadey Malware AutoRuns MachineGuid Malicious Traffic Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS	3 Keyword trend analysis	6	3		6.4	M		admin

45860	2020-10-28 10:11	16.exe db02751a702b316fe074381f82f04965 VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs anti-virtualization Ransomware Windows Tor ComputerName DNS crashed keylogger		5	6 Info ET TOR Known Tor Exit Node Traffic group 31 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 31 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 841 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 447 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 579 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 617		11.6	M	51	admin

45861	2020-10-28 10:02	gfers.exe 8d330917b4d7220eb231327236f93c95 VirusTotal Malware unpack itself					2.0		25	admin

45862	2020-10-28 10:02	lilbaa.exe 51400134bdd5b0eae07a5685c3560771 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted WMI ICMP traffic unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger	1 Keyword trend analysis	4	5		12.2	M	25	admin

45863	2020-10-28 09:57	0pp.exe 605eef77a212754b476a215f3b6c02f7 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs		3			10.4	M	24	admin

45864	2020-10-28 09:45	0pp.exe 605eef77a212754b476a215f3b6c02f7 VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					8.4	M	24	guest

45865	2020-10-28 09:45	PO-1511.exe bd1774eb4111b1427dab606545da4a76 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows Tor ComputerName DNS		4	4		11.6		27	guest

45866	2020-10-28 09:42	0uu.exe 38f441527edd249d93a5c9ee0f37b1ba VirusTotal Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows	2 Keyword trend analysis	4			10.2		14	guest

45867	2020-10-28 09:37	torn.exe 02137910a963fac7169db7c3e30e667a VirusTotal Malware suspicious privilege Check memory Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs anti-virtualization Ransomware Windows Tor ComputerName DNS crashed keylogger		6	6 Info ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 645 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 369 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 713 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 620 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 166 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 164		11.2		54	guest

45868	2020-10-28 09:36	infostati.exe 6f952b81a92f7f780923635648b428c0 VirusTotal Malware unpack itself malicious URLs					2.6		37	guest

45869	2020-10-28 09:34	Adobe.pdf.exe bbad437e472d66b7702a2c7671260b27 VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Checks Bios Detects VirtualBox Check virtual network interfaces malicious URLs WriteConsoleW VMware anti-virtualization Tofsee Windows ComputerName Cryptographic key Software	2 Keyword trend analysis	2	1		10.0		44	guest

45870	2020-10-28 09:03	Inv. 0655554.doc 240b691234655ab6f8d51f62d3ea7d71 Vulnerability VirusTotal Malware Malicious Traffic ICMP traffic unpack itself malicious URLs Tofsee DNS	3 Keyword trend analysis	6	1		6.8		17	guest