Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
47461	2020-07-16 12:48	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Exploit Browser ComputerName DNS crashed	9 Keyword trend analysis Info http://client.winamp.com/update/latest-version.php?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&lang=en-US http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://cert.int-x3.letsencrypt.org/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://client.winamp.com/update/client_session.php?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&lang=en-US http://client.winamp.com/update?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			15.4

47462	2020-07-16 11:42	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities malicious URLs Windows Exploit DNS crashed	4 Keyword trend analysis	3			4.6

47463	2020-07-16 11:32	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check installed browsers check Ransomware Interception Windows Exploit Browser ComputerName DNS crashed	9 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update/latest-version.php?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&lang=en-US http://cert.int-x3.letsencrypt.org/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://client.winamp.com/update?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&lang=en-US http://client.winamp.com/update/client_session.php?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			14.4

47464	2020-07-16 11:23	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

47465	2020-07-16 10:53	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

47466	2020-07-16 10:30	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

47467	2020-07-16 09:41	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

47468	2020-07-16 08:48	http://lg3gservice.home.pl/pub... 4bc848434c23e4215c05b8060c21398b VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	2			4.6	M

47469	2020-07-16 08:42	http://descargas.hispazone.org... 3444475276c19e50edeb4d21b61c5b5e VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	2			4.6	M

47470	2020-07-15 18:02	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis Info http://cert.int-x3.letsencrypt.org/ https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	3			4.6	M

47471	2020-07-15 18:00	http://175.208.134.150:8005/an... 5f6cc537fbd7613043e723e770e732e7 Code Injection unpack itself Windows utilities malicious URLs Windows DNS	18 Keyword trend analysis Info http://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.eot?v=2.0.1 http://175.208.134.150:8005/user/login/?next=/analysis/result/ http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-brands-400.eot? http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-regular-400.eot? http://175.208.134.150:8005/static/fonts/fa-solid-900.eot? http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css http://175.208.134.150:8005/static/fonts/fa-light-300.eot? http://175.208.134.150:8005/favicon.ico http://175.208.134.150:8005/static/fonts/fa-regular-400.eot? http://175.208.134.150:8005/static/plugins/fontawesome-free/css/all.min.css http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-solid-900.eot? http://175.208.134.150:8005/static/fonts/fontawesome-webfont.eot? http://175.208.134.150:8005/static/custom/img/summer.webp http://175.208.134.150:8005/analysis/result/ http://175.208.134.150:8005/static/dist/css/adminlte.min.css http://175.208.134.150:8005/static/css/main.css http://175.208.134.150:8005/static/fonts/fa-brands-400.eot? https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	3			3.8	M

47472	2020-07-15 17:41	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

47473	2020-07-15 16:39	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

47474	2020-07-15 16:32	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

47475	2020-07-15 13:50	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M