Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
47191	2020-07-27 23:44	4aWaRWqMftN8Eag.exe 507eb8cc7d37d56796ec1396202edbe5 Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.2

47192	2020-07-27 23:37	ynlGo5.exe 873f57fbb5b1d477dee03e239ffbd0e4 AutoRuns unpack itself Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	2			10.0

47193	2020-07-27 23:36	C3Em2Xkstj.exe e34b6d45478a4164ddb0a7fe12aca8bd VirusTotal Malware unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	2			6.6		17

47194	2020-07-27 23:15	cCyav9CFdcaHHCvH.exe d1912eda2ceb49f3996f41433fb2b1e4 Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.2

47195	2020-07-27 22:43	ok.exe c8d3124da2597ed5622840c8129bd6f6 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs WriteConsoleW DNS		1			4.6		59

47196	2020-07-27 22:40	http://office-update.net/downl... ad3466af04f621e545844ecbc527b1df VirusTotal Malware Code Injection buffers extracted Creates executable files RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs sandbox evasion Windows Exploit Browser ComputerName DNS crashed	3 Keyword trend analysis	1			12.2	M	27

47197	2020-07-27 22:25	yvRxbOX51neXS8tNNlp.exe ebefacec5827f92468c7f54e7a5dc696 VirusTotal Malware AutoRuns unpack itself Auto service malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check Windows Advertising ComputerName DNS Cryptographic key	3 Keyword trend analysis	2			10.4		6

47198	2020-07-27 22:24	AMsxqK9O0EU3sBPvgu.exe 37ca32ede959296b053e4e8d31c0b1ff VirusTotal Malware unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	3 Keyword trend analysis	2			6.0		16

47199	2020-07-27 22:11	FILE_41779031.doc da42d4cab53a879f029e3d50ab3f47b3 Vulnerability VirusTotal Malware unpack itself					2.6		22

47200	2020-07-27 22:11	info_2020.doc 6b3c9490c6f33ebaa98cc84599ce9b10 Vulnerability VirusTotal Malware unpack itself	4 Keyword trend analysis Info http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:03daaf8e-3c0a-468c-bc36-def7e5313f47 http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:8f903919-fac4-4af5-ab32-015dce9aafba http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:d96d86f3-ac35-41f2-9523-f4e50073f2f3				2.6		22

47201	2020-07-27 22:11	ZF0035378-27-2020.doc e7471cc7a3001014d7952c789b585d2e Vulnerability VirusTotal Malware unpack itself	4 Keyword trend analysis Info http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:03daaf8e-3c0a-468c-bc36-def7e5313f47 http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:8f903919-fac4-4af5-ab32-015dce9aafba http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:d96d86f3-ac35-41f2-9523-f4e50073f2f3				2.6	M	22

47202	2020-07-27 17:30	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	8 Keyword trend analysis Info http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:03daaf8e-3c0a-468c-bc36-def7e5313f47 http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/main.jsp http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/ http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f http://www.nalara1220.o-r.kr/CSS/js/lightslider.js	2			3.2

47203	2020-07-27 17:30	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows	8 Keyword trend analysis Info http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:03daaf8e-3c0a-468c-bc36-def7e5313f47 http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/main.jsp http://192.168.56.104:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/CSS/css/lightslider.css	4			2.6

47204	2020-07-27 17:02	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	6 Keyword trend analysis	4			3.0

47205	2020-07-27 17:02	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	6 Keyword trend analysis	4			3.0