Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46156	2020-10-14 15:37	0810.gif.exe ca26ad3cfd67703c3e7a4855407725b5 VirusTotal Malware unpack itself malicious URLs WriteConsoleW ComputerName					3.0	M	46	admin

46157	2020-10-14 15:30	0810.gif.exe ca26ad3cfd67703c3e7a4855407725b5 VirusTotal Malware					1.8	M	46	admin

46158	2020-10-14 15:22	0810.gif.exe ca26ad3cfd67703c3e7a4855407725b5 VirusTotal Malware unpack itself malicious URLs WriteConsoleW ComputerName					3.0	M	46	admin

46159	2020-10-14 15:10	0810.gif.exe ca26ad3cfd67703c3e7a4855407725b5 VirusTotal Malware					1.8	M	46	admin

46160	2020-10-14 10:06	Report10-13.exe e94a676012fde240328e1ecc967c190b VirusTotal Malware RWX flags setting unpack itself Remote Code Execution					2.0		14	admin

46161	2020-10-14 10:03	530340.png.exe 1fdca70b720797177709d275fbe68cc0 Remote Code Execution					0.4			admin

46162	2020-10-14 10:01	https://centraldispatchinc.com... Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3		4.2			admin

46163	2020-10-14 10:00	22S0D255S4D111D22S1D4.msi c07d74b3537c91723b2959cd0d0b3c85 Dridex VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs AntiVM_Disk VM Disk Size Check Tofsee ComputerName DNS		1	3		4.2		17	admin

46164	2020-10-14 09:59	Report10-13.exe e94a676012fde240328e1ecc967c190b VirusTotal Malware Remote Code Execution					1.2		14	admin

46165	2020-10-14 09:40	vbc.exe 2a715d95f644566223d8fce95f18dbdc VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName crashed					10.6	M	19	admin

46166	2020-10-14 09:40	65605527.scr d32ce296fea15a65636be94ca127c093 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					13.0	M	16	admin

46167	2020-10-14 09:40	40147.exe 96d47df84fe322875b17d2c824b314c9 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c Buffer PE PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check installed browsers check Browser Email ComputerName Remote Code Execution DNS Software crashed	1 Keyword trend analysis	1	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response		17.4	M	32	admin

46168	2020-10-14 09:31	y6oL1Ab2f7Cg.exe deb41d4b2b96f2625ceb3767735d36a6 ENERGETIC BEAR VirusTotal Malware Report PDB RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		6	4		7.0	M	56	admin

46169	2020-10-14 09:30	keys.exe d15cc83dd857e9652c5a2ac775590c93 VirusTotal Malware powershell suspicious privilege Check memory Checks debugger Creates shortcut unpack itself suspicious process malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS Cryptographic key	1 Keyword trend analysis	1	1		6.4		19	admin

46170	2020-10-14 09:30	ds2.exe 08156bf26f6f10ceb1d7525c483935e2 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key					10.8	M	22	admin