Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46111	2020-10-17 11:36	http://giannaspsychicstudio.co... 0f53a3aba18f3f7f2de3996a3f2316d7 VirusTotal Malware AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed	3 Keyword trend analysis	3	2		11.6		14	guest

46112	2020-10-17 11:04	http://alternasaludspa.com/1/m... ec56dfc73215179dcd26dd36e8d143d6 VirusTotal Malware					0.4			guest

46113	2020-10-17 10:41	http://tola.ae/docs/t/ 0f70e9a3e9d70d4220c80770151f9dbd VirusTotal Malware Report AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Browser Advertising ComputerName DNS Cryptographic key crashed	5 Keyword trend analysis Info http://51.38.50.144:8080/lUBDbc/IlFgA3Y7I9IPTs/SImNBb/ http://188.40.170.197/43914VPH5DK1Tws/Go8ZB8/IaIuq84O5BA/RWHVwKWU1r/4LU15sqBPuNLU/odKP/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://tola.ae/docs/t/ http://46.22.116.163:7080/slyO/6Q3Te1BCxaHAfqqt4/qsEfPbJmlN/	13	4		13.6			guest

46114	2020-10-17 09:14	amina.exe 75ea73923fd84adc68f7e68c36433351 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					8.4		18	guest

46115	2020-10-17 09:12	list_41803.doc 681f71bbf1e124c6ed17d26d0b917f08 Vulnerability VirusTotal Malware unpack itself malicious URLs					3.6		32	guest

46116	2020-10-16 19:57	http://p4uclasses.com/wp-conte... c50585be1cd654bacfb15679146c7394 VirusTotal Malware Report AutoRuns Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Exploit Advertising ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	4	3		13.8			guest

46117	2020-10-16 19:18	MaQ.exe 441ca675e13c108f60770ffae503373a Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			6.8			guest

46118	2020-10-16 19:08	Yz3bqgXVP7uzS.exe 681c2d0bf87234946735a09f4e1d9d87 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			6.4	M	17	guest

46119	2020-10-16 18:49	InKY0ujCqKHXZp1.exe 5e5dee7718bb44b682b9b36851ba3292 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Browser Email ComputerName Trojan DNS Software	1 Keyword trend analysis	1	10 Info ET INFO DNS Query for Suspicious .ga Domain ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		13.0		34	guest

46120	2020-10-16 18:08	bBA0mMhqacDQ55b.exe f2769dca375d549623a671049200f07d VirusTotal Malware Report PDB RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	4	1		6.8		14	guest

46121	2020-10-16 16:45	AKUJJ.exe 30321b84684bca606a94a1fc1a7bceb3 VirusTotal Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.2	M	4	guest

46122	2020-10-16 16:00	default.bak 6ba233d220cc58e7b467754039413948 Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check installed browsers check Browser Email ComputerName					3.8			guest

46123	2020-10-16 15:51	loki.exe 703eb859df4786c7d28b30fc2f3e4880 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1			10.4	M	19	guest

46124	2020-10-16 15:49	loki.exe 703eb859df4786c7d28b30fc2f3e4880 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	1 Keyword trend analysis	1			10.4	M	19	guest

46125	2020-10-16 15:26	c5xfte.dll 29b3fb0c606603e980e207f9739eb36b VirusTotal Malware PDB unpack itself crashed					2.8		42	guest