Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46246	2020-10-07 10:04	http://50.121.226.158/changepw... 22d27255d945c05b79bfc74eb69a77a0 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	4 Keyword trend analysis	2	3		6.0		50	guest

46247	2020-10-07 09:48	images.zip.exe 22a968beda8a033eb31ae175b7e0a937 VirusTotal Malware					1.4		41	admin

46248	2020-10-07 09:44	images.zip.exe 22a968beda8a033eb31ae175b7e0a937 VirusTotal Malware					1.8		41	admin

46249	2020-10-07 09:41	238428.png.exe d429a4330d4d38412c517834983abd31 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					8.4			guest

46250	2020-10-07 09:34	aaa.exe b6e573a5d3a6bb9f7ceb592d13a9fd92 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					8.6		24	guest

46251	2020-10-07 09:31	c3ZydHJ6.exe 4ce60eb5ec944d8088c64f7a3a998cbe VirusTotal Malware PDB MachineGuid Check memory Checks debugger unpack itself malicious URLs DNS		1			4.0		46	guest

46252	2020-10-07 09:30	v.exe 95458c35d7afba9c35a6742af517e531 Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	3	1		21.6		33	guest

46253	2020-10-07 09:30	15844522251.jpg.exe edb69ebf91380afeaadb3df7aefc938c VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check human activity check Windows ComputerName DNS Cryptographic key crashed		1	1		13.8		45	guest

46254	2020-10-07 09:20	m.exe e86dfa940e4913b73a5ce0d94df2a10a Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key crashed keylogger	3 Keyword trend analysis	3	1		21.0		35	guest

46255	2020-10-07 09:19	mike.exe 7ba8e1127397d1d9f2311414052bba2a Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself malicious URLs Windows Browser Email ComputerName Cryptographic key Software crashed					9.4		38	guest

46256	2020-10-07 09:18	625986.png.exe 01fb16537393379aa896259a89c89d55 AutoRuns Code Injection Check memory buffers extracted unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware Windows Browser ComputerName crashed					8.4			guest

46257	2020-10-06 19:26	TRM6M-PG1912-DM-VP(HGP100H),dw... c33c1121b6648782476182e7364d95c0 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					10.6		41	guest

46258	2020-10-06 17:03	pEbaCsnM5Pk.exe 8e6b8e82668eba801419d591aab6cc3a VirusTotal Malware Report RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key		5	3		7.8		57	guest

46259	2020-10-06 16:32	TRM6M-PG1912-DM-VP(HGP100H),dw... c33c1121b6648782476182e7364d95c0 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName					10.4		41	guest

46260	2020-10-06 16:29	견적서_L-Ar_191014-pdf.exe 49cdf06ad4023203ebcf2a279f078aae VirusTotal Malware Buffer PE suspicious privilege Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					6.8		31	guest