Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46171	2020-10-14 09:29	906137.exe 77875aea4abff95d4a7c189676b6658d VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					13.2	M	23	guest

46172	2020-10-14 09:25	File.exe 4bfa9cefa15eac5ca5cded94aa2c5e1b VirusTotal Malware unpack itself Remote Code Execution					2.2	M	20	guest

46173	2020-10-14 09:23	ds2.exe 08156bf26f6f10ceb1d7525c483935e2 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName Cryptographic key					10.8	M	22	guest

46174	2020-10-14 09:11	rc.exe 594e5c8c28579857cead33db64e2cb5d Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs Tofsee Interception Windows DNS	1 Keyword trend analysis	3	1		12.4		36	guest

46175	2020-10-14 09:11	ac.exe bd994fb4216a7ba7d6baf94d489e7fc1 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key		1			12.2		21	guest

46176	2020-10-14 09:09	ds1.exe b12eb506a5ee264b880686ac4bb29e8d VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself malicious URLs					8.4		21	guest

46177	2020-10-13 18:26	invoice.exe 9448a7e12108858e1e48097be290987b Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger	2 Keyword trend analysis	2	1		16.2		21	guest

46178	2020-10-13 18:25	http://eddyholdingshuttle.co.z... 9448a7e12108858e1e48097be290987b Browser Info Stealer Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files exploit crash unpack itself Windows utilities Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Windows Exploit Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	6 Keyword trend analysis	5	3		17.6			guest

46179	2020-10-13 18:24	vato.vbs 5d14589c73766390f6be4d91a7ae47aa VirusTotal Malware powershell Buffer PE suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI heapspray Creates shortcut ICMP traffic unpack itself powershell.exe wrote Check virtual network interfaces malicious URLs WriteConsoleW Windows Java ComputerName DNS Cryptographic key DDNS keylogger	1 Keyword trend analysis	3	3		15.4		6	guest

46180	2020-10-13 16:56	6789.exe ba89aebee75fc99d101749cfb8ed00cc VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs Windows DNS Cryptographic key	2 Keyword trend analysis	2			11.0	M	18	admin

46181	2020-10-13 16:51	https://bitbucket.org/soyag/la... b034a3ff4284b5b549d1c55387207229 Dridex Malware Code Injection unpack itself Windows utilities malicious URLs Tofsee Windows DNS		1	3		2.8			guest

46182	2020-10-13 16:51	530340.png2.exe 86e178116a96036563b06bde67444c6e unpack itself malicious URLs WriteConsoleW ComputerName Remote Code Execution					2.0			guest

46183	2020-10-13 16:50	6789.exe ba89aebee75fc99d101749cfb8ed00cc VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs Windows Cryptographic key					9.6		18	guest

46184	2020-10-13 13:44	10418.xlsb a51bb2628954b4f4f6b8485692809880 Malware download Malware Creates executable files unpack itself malicious URLs Windows DNS Downloader	1 Keyword trend analysis	1	3		5.2		20	admin

46185	2020-10-13 13:43	1037.xlsb d5d5f5211e65e726e155a9517ba0eeaa Creates executable files unpack itself malicious URLs					3.6		15	admin