Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46411	2020-09-22 11:26	vbc.exe 4dc66eac38eb30156c164e698b112623 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					7.8	M	24	admin

46412	2020-09-22 11:25	rc.exe a205712a031be2c61db9cd98c1c29a14 Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs Tofsee Interception Windows DNS	1 Keyword trend analysis	3	1		12.0	M	47	admin

46413	2020-09-22 11:21	REP_N7PBJ5T.doc 1aa20f02c09fe66562ea0aa4ed35d2bc Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS	2 Keyword trend analysis	2	3		5.2		20	admin

46414	2020-09-22 10:45	document_100201.doc 7acabd714807844ac9d9ecd321cb98b7 Malware download VirusTotal Malware exploit crash unpack itself malicious URLs Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	1	6 Info ET INFO DYNAMIC_DNS Query to *.duckdns. Domain ET MALWARE Possible Malicious Macro DL EXE Feb 2016 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2		4.8		25	admin

46415	2020-09-22 10:25	sxr1XHOvHEap.exe 6e1574b84616c5162bbf120fc3b3b4a0 Malware Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			5.6			admin

46416	2020-09-22 10:12	p_1701vg9ts1.jpg.exe 264cc8acfd74b2dc61c4601ebed22625 VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder malicious URLs WriteConsoleW DNS		1	1		5.8		60	admin

46417	2020-09-22 10:10	MAIN.exe 7c357e54f775f0042c2d8e36d0c38fa9 Dridex TrickBot VirusTotal Malware PDB Malicious Traffic unpack itself Check virtual network interfaces malicious URLs Tofsee Kovter ComputerName DNS	3 Keyword trend analysis Info http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt https://172.98.192.214/cSVlo1FeFAInvJDJkZ9P99GLwSTqIGUF https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books https://www.amazon.com/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books	3	2		5.8	M	48	admin

46418	2020-09-22 10:08	Untitled-20200922-ET732.doc 7ce8d9626a27fb9e48df5ed6aa330727 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS	2 Keyword trend analysis	2	4		5.0		19	admin

46419	2020-09-21 16:29	DmUxQiZ.exe 9ef36eb6666cbd816063b6a067993c82 Malware PDB Malicious Traffic RWX flags setting unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	3			7.8			admin

46420	2020-09-21 16:24	MES-20200921-67994.doc 26a77528506cd55eb3c4c2fd5d9604ce Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee DNS	3 Keyword trend analysis	4	1		6.4		11	admin

46421	2020-09-21 16:10	Dat 20200920 P78951.doc 276ecb6b0eae11d22873e390b0a4a93d Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Tofsee Windows DNS	2 Keyword trend analysis	5	4		6.4	M	36	admin

46422	2020-09-21 14:40	Offer-ART200904-20phz.exe 39f083bf241eb90c900c26460e25fa6c Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					15.6		40	admin

46423	2020-09-21 13:45	Offer-ART200904-20phz.exe 39f083bf241eb90c900c26460e25fa6c Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					15.6		40	admin

46424	2020-09-21 13:38	Offer-ART200904-20phz.exe 39f083bf241eb90c900c26460e25fa6c Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					15.6		40	admin

46425	2020-09-21 13:32	Offer-ART200904-20phz.exe 39f083bf241eb90c900c26460e25fa6c Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					15.0		40	admin