Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
47281	2020-07-23 10:43	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Dridex Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	7 Keyword trend analysis Info http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/main.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	8	3		4.6

47282	2020-07-23 00:26	견적서20200702,pdf.exe 3b9887f9f9ff50f1c1862b654dea0b80 VirusTotal Malware malicious URLs					2.2		31

47283	2020-07-23 00:23	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db Checks debugger unpack itself Detects VirtualBox malicious URLs Windows					2.6

47284	2020-07-23 00:16	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db unpack itself Detects VirtualBox malicious URLs Windows					2.4

47285	2020-07-22 23:55	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db Checks debugger unpack itself Detects VirtualBox malicious URLs Tofsee Windows	3 Keyword trend analysis Info http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&asdelta=0.0.0.0&prod=925A3ACA-C353-458A-AC8D-A7E5EB378092 https://www.microsoft.com/security/encyclopedia/adlpackages.aspx?arch=x86&eng=0.0.0.0&asdelta=0.0.0.0&prod=925A3ACA-C353-458A-AC8D-A7E5EB378092 https://definitionupdates.microsoft.com/download/DefinitionUpdates/VersionedSignatures/AM/1.319.2039.0/x86/mpas-fe.exe	6	1		3.0

47286	2020-07-22 23:37	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db unpack itself Detects VirtualBox malicious URLs Windows					2.4

47287	2020-07-22 22:48	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db unpack itself Detects VirtualBox malicious URLs Windows					2.4

47288	2020-07-22 22:46	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db

47289	2020-07-22 22:45	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db unpack itself Detects VirtualBox malicious URLs Windows					2.4

47290	2020-07-22 19:48	견적서20200702,pdf.exe 3b9887f9f9ff50f1c1862b654dea0b80 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					7.8		31

47291	2020-07-22 19:42	nDGG7uAL7NbhjRK.exe 94f5d57d1bb59e0d46ef9d2f46c438db unpack itself Detects VirtualBox malicious URLs Windows					2.4

47292	2020-07-22 19:22	nDGG7uAL7NbhjRK.exe 1e3b01b7f5bd3507a06f034d50282184 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					8.0		53

47293	2020-07-22 19:05	견적서20200702,pdf.exe 3b9887f9f9ff50f1c1862b654dea0b80 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					7.8		31

47294	2020-07-22 19:02	hng1vO2Fj7G.exe 44c8313f848ac01a0c6871129bb89ca6 Emotet Malware download Malware Report Check memory unpack itself malicious URLs sandbox evasion Interception Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1	3		5.6

47295	2020-07-22 19:00	cursor.png.exe bbf3d850aef940c9a2bb54ef2fd4bd09 Report suspicious privilege buffers extracted RWX flags setting unpack itself malicious URLs ComputerName DNS		3	2		5.6