Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
46981	2020-07-30 19:17	own.exe c9d29e2071fa129ceeabff93c460c37a VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName Cryptographic key					8.8	M	22

46982	2020-07-30 19:12	iws.exe 87ab3c9d95d82555765c6dca0667975a VirusTotal Malware AutoRuns unpack itself malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows ComputerName Remote Code Execution DNS		4			9.6		65

46983	2020-07-30 19:11	mY29HUcXmsvxR58.exe 3c56206080a16995a0e9c686ffbde5c1 Browser Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Browser Email ComputerName crashed keylogger					10.6	M	19

46984	2020-07-30 19:02	INVOICE 2716-300397.doc bcc2fc9203b0b000565ce197db22a503 Vulnerability VirusTotal Malware unpack itself					2.6		28

46985	2020-07-30 19:02	BAL_SL7895839983PH.doc d485d3df948c1ca2ac7ae5e9916cd704 Vulnerability VirusTotal Malware unpack itself					2.8		30

46986	2020-07-30 17:12	2xp2t9649.exe dedaa6e9be869d05d710493436323d42 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	2 Keyword trend analysis	2			6.4		14

46987	2020-07-30 17:11	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	1			4.2

46988	2020-07-30 17:03	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName	7 Keyword trend analysis Info http://client.winamp.com/update?v=5.8&ID=3CD44F77D86D0345A38F4DFC73531CF7&lang=en-US http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update?v=5.8&ID=3CD44F77D86D0345A38F4DFC73531CF7&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update/client_session.php?v=5.8&ID=3CD44F77D86D0345A38F4DFC73531CF7&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update/latest-version.php?v=5.8&ID=3CD44F77D86D0345A38F4DFC73531CF7&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	6			12.8

46989	2020-07-30 16:50	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

46990	2020-07-30 16:45	2xp2t9649.exe dedaa6e9be869d05d710493436323d42 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.4		14

46991	2020-07-30 16:39	2xp2t9649.exe dedaa6e9be869d05d710493436323d42 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.4		14

46992	2020-07-30 16:33	2xp2t9649.exe dedaa6e9be869d05d710493436323d42 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.4		14

46993	2020-07-30 16:22	2xp2t9649.exe dedaa6e9be869d05d710493436323d42 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			5.8		14

46994	2020-07-30 16:16	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

46995	2020-07-30 15:51	2xp2t9649.exe dedaa6e9be869d05d710493436323d42 VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			5.8		14