Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46786	2020-08-10 17:37	wfdJJbjf3L.exe c252746fea8af8e146cc2c4f028aee7a Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	4			6.8			guest

46787	2020-08-10 16:45	BDCAMSETUP_KOR.EXE b1518ca2baf0533020349fea22438a63 AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting exploit crash unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check installed browsers check Windows Exploit Browser Advertising ComputerName crashed	20 Keyword trend analysis Info http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://www.bandicam.co.kr/f.php?id=kor_app_complete_install&v=2 https://www.bandicam.co.kr/support/start/ https://www.bandicam.co.kr/js/bootstrap-3.3.2.min.css?20200731 https://www.bandicam.co.kr/style.min.css?20200731 https://www.googletagmanager.com/gtag/js?id=UA-20339103-1 https://www.bandicam.co.kr/style.min.css?20200731 https://www.bandicam.co.kr/js/bootstrap-3.3.2.min.css?20200731 https://fonts.googleapis.com/css?family=Nanum+Gothic https://www.bandicam.co.kr/js/jquery-3.3.1.custom.js https://www.google-analytics.com/analytics.js https://www.google-analytics.com/r/collect?v=1&_v=j83&a=891909642&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandicam.co.kr%2Fsupport%2Fstart%2F&ul=ko&de=utf-8&dt=%ED%94%84%EB%A1%9C%EA%B7%B8%EB%9E%A8%20%EC%84%A4%EC%B9%98%EA%B0%80%20%EC%99%84%EB%A3%8C%EB%90%98%EC%97%88%EC%8A%B5%EB%8B%88%EB%8B%A4%20-%20%EB%B0%98%EB%94%94%EC%BA%A0&sd=24-bit&sr=1365x1024&vp=1233x841&je=1&fl=13.0%20r0&_u=IEBAAU~&jid=924602955&gjid=6643929&cid=1548330542.1597076314&tid=UA-20339103-1&_gid=873477484.1597076314&_r=1>m=2ou7v1&z=837017259 https://www.bandicam.co.kr/js/bootstrap-3.3.2.min.js https://www.bandicam.co.kr/magnific-popup.min.css https://www.bandicam.co.kr/include/fonts/glyphicons-halflings-regular.eot? https://wcs.naver.net/wcslog.js https://www.bandicam.co.kr/js/acecounter_cts.js https://wcs.naver.com/m?u=https%3A%2F%2Fwww.bandicam.co.kr%2Fsupport%2Fstart%2F&e=&wa=s_502950d95e2b&bt=-1&os=Win32&ln=ko&sr=1365x1024&bw=1211&bh=841&c=24&j=Y&jv=1.8&k=Y&ct=lan&cs=utf-8&tl=%25ED%2594%2584%25EB%25A1%259C%25EA%25B7%25B8%25EB%259E%25A8%2520%25EC%2584%25A4%25EC%25B9%2598%25EA%25B0%2580%2520%25EC%2599%2584%25EB%25A3%258C%25EB%2590%2598%25EC%2597%2588%25EC%258A%25B5%25EB%258B%2588%25EB%258B%25A4%2520-%2520%25EB%25B0%2598%25EB%2594%2594%25EC%25BA%25A0&vs=0.7.1&nt=1597076315166&EOU https://www.bandicam.co.kr/js/jquery.magnific-popup.min.js https://www.bandicam.co.kr/downloads/version_kor.ini https://www.bandicam.co.kr/app_info/index2.php?v=4.6.1.1688&r=0 https://www.google-analytics.com/analytics.js https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2031054232&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandicam.co.kr%2Fapp_info%2Findex2.php%3Fv%3D4.6.1.1688%26r%3D0&ul=ko&de=utf-8&sd=24-bit&sr=1024x768&vp=&je=1&fl=13.0%20r0&_u=AAC~&jid=688910507&gjid=268064380&cid=1548330542.1597076314&tid=UA-20339103-7&_gid=873477484.1597076314&_r=1&z=149846623	14 Info wcs.naver.net(184.28.153.161) ie9cvlist.ie.microsoft.com(117.18.232.200) fonts.googleapis.com(172.217.27.74) wcs.naver.com(210.89.160.128) www.bandicam.co.kr(52.79.149.71) www.googletagmanager.com(172.217.27.72) www.google-analytics.com(172.217.31.142) 117.18.232.200 210.89.160.128 216.58.197.110 216.58.199.104 216.58.200.10 23.53.225.247 52.79.149.71			11.2			guest

46788	2020-08-09 14:04	rckjxiy188780.exe 8332d7713ad91c2b198e25457ff11b4b VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.4		22	guest

46789	2020-08-08 11:48	http://192.227.158.103/img/new... cc845743066bb470fa089a5ff3e5645c VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	1 Keyword trend analysis	1			5.0	M		guest

46790	2020-08-08 11:43	XBfM.exe df451ea02b200864299a3140fc2380f0 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			5.6		10	guest

46791	2020-08-08 11:42	http://ht-srl.com/t23p3.html 1562e5d750ec6ef60c0edf084b1cba66								guest

46792	2020-08-08 11:35	http://philosopherswheel.com/p... VirusTotal Malware Code Injection unpack itself Windows utilities malicious URLs Windows DNS	1 Keyword trend analysis	1			3.8	M		guest

46793	2020-08-08 11:04	6ayt978390570.exe 3bc2e29dc56dd81f3b571ca5ef8a1337 Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Browser Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	9			7.6			guest

46794	2020-08-07 15:04	http://hostech.com.br/cgi-bin/... b75d5e5e2ef6331e6d235edc4cb5b631 Vulnerability VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger unpack itself Windows utilities malicious URLs Windows	1 Keyword trend analysis	4			6.2	M		admin

46795	2020-08-07 15:01	http://seatrade.com.eg/index_f... ce216b1b8449d089e6a31d56065a5050 VirusTotal Malware Code Injection RWX flags setting unpack itself Windows utilities Windows		1			2.8	M		admin

46796	2020-08-07 13:41	http://jsya.co.kr/@eaDir/trust... 0e90fd6383ca1a73e75b19a0c7b68f14 Vulnerability VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger unpack itself Windows utilities malicious URLs human activity check Windows	1 Keyword trend analysis	4			6.6	M		guest

46797	2020-08-07 13:38	http://jsya.co.kr/@eaDir/trust... 0e90fd6383ca1a73e75b19a0c7b68f14 Vulnerability VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger unpack itself Windows utilities malicious URLs installed browsers check Windows Browser	1 Keyword trend analysis	2			6.8	M		guest

46798	2020-08-07 13:19	7PS11YgKn.exe 384867494998d85b37b36cdb2539b860 unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			5.2			admin

46799	2020-08-07 13:12	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Check memory Creates executable files unpack itself Windows utilities AppData folder Windows	2 Keyword trend analysis	2			4.6			guest

46800	2020-08-07 13:02	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection RWX flags setting unpack itself Windows utilities Windows	2 Keyword trend analysis	2			2.6			guest