Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46816	2020-08-05 16:54	9fc542be9b40ee6ce1bdf777140fcc... b4d654755e5fb496138ed0e9c4121e84 Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk VM Disk Size Check human activity check Windows ComputerName	4 Keyword trend analysis	4			6.6			admin

46817	2020-08-05 14:27	ColorCop.exe bd7f8c6270d807d966fc9ffce798aa58 Check memory unpack itself malicious URLs					1.6		1	guest

46818	2020-08-05 11:20	http://www.nalara12200.o-r.kr Code Injection unpack itself Windows utilities Windows					1.8			guest

46819	2020-08-05 09:57	PH7664034.vbs 11f2464133f1b112799f4ecea59e62df buffers extracted wscript.exe payload download Creates executable files unpack itself AppData folder malicious URLs DNS	1 Keyword trend analysis	3			5.8			admin

46820	2020-08-05 09:51	PH7664034.vbs 11f2464133f1b112799f4ecea59e62df buffers extracted wscript.exe payload download malicious URLs	1 Keyword trend analysis	9			2.8			admin

46821	2020-08-04 18:22	vbc.exe 142fda88fbe1d33916984ea79dbdfbb7 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					7.8	M	32	admin

46822	2020-08-04 16:23	pwininilogs.txt.exe 66fc2899f92ca095d9c27c62eea6cd12 Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Browser Email ComputerName Cryptographic key crashed keylogger					12.8	M	31	admin

46823	2020-08-04 16:19	obi.exe 30693785c05f4ff68867f0a8432e4cdc Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Checks debugger unpack itself malicious URLs Windows Browser Email ComputerName Software crashed					6.2	M	49	admin

46824	2020-08-04 16:01	8888888.png.exe e263807c6581fe27f0ceb6ad871877f3 Malware AutoRuns Code Injection Malicious Traffic Check memory buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Detects VMWare suspicious process malicious URLs sandbox evasion WriteConsoleW VMware human activity check Windows Browser ComputerName DNS crashed	1 Keyword trend analysis	1			12.0			admin

46825	2020-08-04 14:34	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	1 Keyword trend analysis	1			4.2			김철수

46826	2020-08-04 14:31	http://www.nalara12200.o-r.kr Code Injection RWX flags setting unpack itself Windows utilities Windows					2.2			guest

46827	2020-08-04 14:29	http://www.nalara12200.o-r.kr Code Injection RWX flags setting unpack itself Windows utilities Windows					2.2

46828	2020-08-04 14:25	http://download.betanews.com/d... 02a03bda6410df829ed58c0ade7454b5 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	1 Keyword trend analysis	1			4.2			admin

46829	2020-08-04 14:01	http://mp3-tools.com/downloads... VirusTotal Malware Code Injection unpack itself Windows utilities Windows DNS	1 Keyword trend analysis	1			3.2			admin

46830	2020-08-04 13:56	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	1			4.2			김철수