Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
47116	2020-07-28 16:41	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

47117	2020-07-28 16:35	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

47118	2020-07-28 16:32	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	6 Keyword trend analysis	4			3.0

47119	2020-07-28 16:29	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

47120	2020-07-28 16:25	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

47121	2020-07-28 16:22	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.6

47122	2020-07-28 16:15	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

47123	2020-07-28 15:22	http://www.nalara1220.o-r.kr c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.6

47124	2020-07-28 15:14	astx_setup.exe e766db22a97ac40e4e8c926f272250ab VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW Firewall state off VM Disk Size Check Ransomware Windows ComputerName					8.2		1

47125	2020-07-28 15:11	UniSignCRSV3Setup.exe 3bc8fa98ea99c1d05756ab42799a8ba0 VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VirtualBox Detects VMWare AppData folder malicious URLs AntiVM_Disk sandbox evasion VMware anti-virtualization VM Disk Size Check Windows ComputerName crashed					10.4		5

47126	2020-07-28 15:10	python-2.7.18.amd64.msi a425c758d38f8e28b56f4724b499239a suspicious privilege MachineGuid Check memory Checks debugger Creates shortcut unpack itself malicious URLs AntiVM_Disk VM Disk Size Check human activity check installed browsers check Ransomware Browser ComputerName					4.4

47127	2020-07-28 15:03	python-2.7.18.amd64.msi a425c758d38f8e28b56f4724b499239a suspicious privilege Check memory Checks debugger Creates shortcut unpack itself AntiVM_Disk VM Disk Size Check Ransomware ComputerName					2.8

47128	2020-07-28 15:02	UniSignCRSV3Setup.exe 3bc8fa98ea99c1d05756ab42799a8ba0 VirusTotal Malware AutoRuns Check memory Checks debugger Creates executable files unpack itself Checks Bios Detects VirtualBox Detects VMWare AppData folder malicious URLs AntiVM_Disk sandbox evasion VMware anti-virtualization VM Disk Size Check Windows ComputerName crashed					10.4		5

47129	2020-07-28 14:28	UniSignCRSV3Setup.exe 3bc8fa98ea99c1d05756ab42799a8ba0 Check memory Creates executable files unpack itself AntiVM_Disk VM Disk Size Check ComputerName					2.8

47130	2020-07-28 14:28	TouchEn_nxKey_32bit.exe 38e9393d6d801a71019d0bac4d77da4a VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Creates executable files unpack itself Windows utilities Auto service AppData folder malicious URLs sandbox evasion Windows Remote Code Execution					9.2		2