Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
45976	2020-10-21 16:16	W4O1NAY.exe 1fbffee16a716bc28add2eb40a33c6e0 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.2	M	13	admin

45977	2020-10-21 16:13	W4O1NAY.exe 1fbffee16a716bc28add2eb40a33c6e0 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.2	M	13	admin

45978	2020-10-21 16:08	W4O1NAY.exe 1fbffee16a716bc28add2eb40a33c6e0 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.2	M	13	admin

45979	2020-10-21 16:03	h3OwzPRI6vEG1KuC3.exe b45533152cb79846a4a35300941be962 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		2			7.2		16	admin

45980	2020-10-21 15:57	W4O1NAY.exe 1fbffee16a716bc28add2eb40a33c6e0 VirusTotal Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		2			7.8		13	admin

45981	2020-10-21 15:52	Payment status.doc 37460b69ee0ed3d349f47106a4717c63 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee DNS		3	1		5.2		27	admin

45982	2020-10-21 15:19	3cn1KY5.exe 38d5017ef64f05d01bb8d9b088f53b76 Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		3			6.6			admin

45983	2020-10-21 15:07	W4O1NAY.exe 1fbffee16a716bc28add2eb40a33c6e0 Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		2			6.6			admin

45984	2020-10-21 14:51	test.html b72ffe471af70ddc123de0722008442d Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	8 Keyword trend analysis Info https://ssl.pstatic.net/sstatic/search/pc/css/api_atcmp_200709.css https://ssl.pstatic.net/tveta/libs/assets/js/pc/main/min/pc.veta.core.min.js https://www.naver.com/ https://pm.pstatic.net/dist/lib/search.jindo.20200326.js?o=www https://pm.pstatic.net/dist/js/nmain.ie.4cb9b44e.js?o=www https://pm.pstatic.net/dist/css/nmain.20201020.css https://ssl.pstatic.net/tveta/libs/assets/js/common/min/probe.min.js https://static-whale.pstatic.net/main/img_darkmode@2x.png	13 Info www.google.com(216.58.220.132) google.com(216.58.220.110) static-whale.pstatic.net(101.79.137.172) pm.pstatic.net(104.109.240.206) ssl.pstatic.net(104.109.240.195) www.naver.com(23.46.23.18) 101.79.137.169 125.209.222.142 - suspicious 125.209.254.182 172.217.25.14 - suspicious 101.79.137.173 172.217.161.132 117.18.232.200 - suspicious	3		4.6			admin

45985	2020-10-21 14:27	document.doc cc6c4031b59d182755ae188c7f66ad7e LokiBot Malware download VirusTotal Malware c&c Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit Trojan DNS crashed	2 Keyword trend analysis	5	11 Info ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response ET INFO DNS Query for Suspicious .ga Domain ET POLICY PE EXE or DLL Windows file download HTTP		5.0	M	24	admin

45986	2020-10-21 14:20	vbc.exe ed3e155b736c7f072cd1358938e9c046 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed		1			3.8	M	18	admin

45987	2020-10-21 14:18	chang.exe eff92670eb22b10ea6e2b458805e5b91 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder crashed		1			3.0	M	13	admin

45988	2020-10-21 14:13	chang.exe eff92670eb22b10ea6e2b458805e5b91 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed		1			3.8	M	13	admin

45989	2020-10-21 13:38	f3.exe c9917fd15fed108ad9d6ee548dd2e4c1 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency MachineGuid Check memory unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization IP Check installed browsers check Ransomware Browser ComputerName Software	1 Keyword trend analysis	5	1		9.0		26	admin

45990	2020-10-21 13:33	tar7ce.exe 9d79b08deadcde5b3b913ee75d3fff8d VirusTotal Malware Check memory RWX flags setting unpack itself		1			3.0		21	admin