Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46801	2020-08-07 12:38	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities Windows Exploit crashed	3 Keyword trend analysis	5			3.2			guest

46802	2020-08-07 11:59	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities Windows Exploit crashed	3 Keyword trend analysis	4			3.2			guest

46803	2020-08-07 11:35	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	3 Keyword trend analysis	5			3.6			guest

46804	2020-08-07 11:25	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities AppData folder Windows	2 Keyword trend analysis	2			3.4			guest

46805	2020-08-07 11:20	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	2 Keyword trend analysis	2			3.0			guest

46806	2020-08-07 11:02	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files unpack itself Windows utilities Windows	2 Keyword trend analysis	2			2.6			guest

46807	2020-08-06 09:55	HT3336781.vbs f35cba35310465b5d1d3342f6b975281 Check memory buffers extracted wscript.exe payload download Creates executable files unpack itself AppData folder malicious URLs sandbox evasion ComputerName DNS		1			7.0			admin

46808	2020-08-06 08:22	http://odytravelgear.com/tsaap... 1e92031e07379c577fee85bba2f4105f VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	1 Keyword trend analysis	1			3.8			guest

46809	2020-08-05 21:07	9ap.exe dc53687edeef1e6392448f4c71e30e55 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed					3.8	M	19	guest

46810	2020-08-05 21:07	don.exe 208f816508c0be434d4ee05f7895f9d4 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					15.2	M	20	guest

46811	2020-08-05 20:50	Inv_NS1415_59693562.doc 9dc6c15bd5cadbea76473ca0a61270d0 Vulnerability VirusTotal Malware unpack itself					2.8	M	37	guest

46812	2020-08-05 20:46	HT3336781.vbs f35cba35310465b5d1d3342f6b975281 Check memory buffers extracted wscript.exe payload download Creates executable files unpack itself AppData folder malicious URLs sandbox evasion ComputerName DNS		1			7.0			guest

46813	2020-08-05 17:21	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Malware MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk Firewall state off VM Disk Size Check Ransomware Interception Windows Exploit ComputerName crashed	4 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	6			11.0			admin

46814	2020-08-05 17:08	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Windows Exploit crashed	3 Keyword trend analysis	5			4.0			admin

46815	2020-08-05 17:00	FreeWMAToMP3Converter.exe b4d654755e5fb496138ed0e9c4121e84 Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk VM Disk Size Check human activity check Windows ComputerName	3 Keyword trend analysis	4			6.6			admin