Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
47776	2020-07-02 16:24	http://mrgeek.pk/wndll.exe VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	4			5.2	M

47777	2020-07-02 16:16	http://mrgeek.pk/wndll.exe VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	2			4.2	M

47778	2020-07-02 16:15	http://mrgeek.pk/wndll.exe VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	4			5.2	M

47779	2020-07-02 15:42	http://mrgeek.pk/wndll.exe VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows	2 Keyword trend analysis	4			3.2	M

47780	2020-07-02 14:52	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities AppData folder malicious URLs Windows	2 Keyword trend analysis	4			4.0	M	44

47781	2020-07-02 14:34	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities AppData folder malicious URLs Windows	2 Keyword trend analysis	4			4.0	M	44

47782	2020-07-02 13:14	https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	6			4.6	M	1

47783	2020-07-02 13:12	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities AppData folder malicious URLs Windows	2 Keyword trend analysis	4			4.0	M	44

47784	2020-07-02 13:12	http://mrgeek.pk/wndll.exe VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows	2 Keyword trend analysis	4			3.2	M

47785	2020-07-02 12:56	http://mrgeek.pk/wndll.exe VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities Windows Exploit crashed	2 Keyword trend analysis	6			4.8	M

47786	2020-07-02 12:56	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder malicious URLs Windows Exploit crashed	4 Keyword trend analysis	5			4.6	M	44

47787	2020-07-02 12:00	https://cdn1.estsecurity.com/s... Code Injection exploit crash unpack itself Windows utilities Windows Exploit crashed	2 Keyword trend analysis	6			3.8	M

47788	2020-07-02 10:07	https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	6			4.6	M	1

47789	2020-07-02 10:06	test.html 99cc900a9b42f261f9b677b4d1dc6e13 Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	2 Keyword trend analysis	4			4.2	M

47790	2020-07-01 15:54	3e9f05acde528ea5fd7ca9d0c2af0e... b726f090cc523eaa9861ca0c9a748493 Browser Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check human activity check installed browsers check Ransomware Windows Browser Email ComputerName DNS	40 Keyword trend analysis Info http://gadem.ug/ds2.exe http://34.65.10.107/gate/libs.zip http://ademg.ug/msvcp140.dll http://ademg.ug/main.php http://ademg.ug/sqlite3.dll http://gadem.ug/ac.exe http://34.65.10.107/gate/libs.zip http://gadem.ug/nw.exe http://barcla.ug/index.php http://ademg.ug/nss3.dll http://gadem.ug/ds1.exe http://ademg.ug/vcruntime140.dll http://ademg.ug/mozglue.dll http://ademg.ug/softokn3.dll http://34.65.10.107/file_handler/file.php?hash=6c38ca76b3a3c4e8db40a05de6c63267067cf308&js=5695d392c71b2dfc441c6d5840997565982104ea&callback=http://34.65.10.107/gate http://34.65.10.107/gate/log.php http://ademg.ug/freebl3.dll http://ademg.ug/ http://gadem.ug/rac2.exe http://gadem.ug/az2.exe http://34.65.10.107/gate/sqlite3.dll https://gadem.ug/az2.exe https://ademg.ug/softokn3.dll https://ademg.ug/sqlite3.dll https://ademg.ug/freebl3.dll https://ademg.ug/mozglue.dll https://ademg.ug/msvcp140.dll https://ademg.ug/nss3.dll https://ademg.ug/vcruntime140.dll https://ademg.ug/main.php https://ademg.ug/ https://gadem.ug/rac2.exe https://barcla.ug/index.php https://34.65.10.107/gate/log.php https://34.65.10.107/gate/sqlite3.dll https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/file_handler/file.php?hash=6c38ca76b3a3c4e8db40a05de6c63267067cf308&js=5695d392c71b2dfc441c6d5840997565982104ea&callback=http://34.65.10.107/gate https://gadem.ug/nw.exe https://gadem.ug/ac.exe https://gadem.ug/ds1.exe https://gadem.ug/ds2.exe	7			22.8	M	43