Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
48361	2020-07-24 14:25	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	6 Keyword trend analysis	4			3.0

48362	2020-07-24 14:20	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows	6 Keyword trend analysis	4			2.6

48363	2020-07-24 14:15	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	6 Keyword trend analysis	4			3.0

48364	2020-07-24 11:05	mes_GD5559.doc 8a772a0c761c9e8341ff2b004e98e275 Vulnerability VirusTotal Malware unpack itself					2.6		29

48365	2020-07-24 11:03	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	6 Keyword trend analysis	4			3.0

48366	2020-07-24 11:02	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	7 Keyword trend analysis Info http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js http://www.nalara1220.o-r.kr/CSS/js/lightslider.js http://www.nalara1220.o-r.kr/CSS/css/lightslider.css http://www.nalara1220.o-r.kr/ http://www.nalara1220.o-r.kr/CSS/mainC.css http://www.nalara1220.o-r.kr/main.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	6			3.6

48367	2020-07-23 16:51	c926c7de61dd7fe8_name.exe 26215c779ed936ff0a62924e15602969 VirusTotal Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows					6.0	M	19

48368	2020-07-23 16:36	test.js bbd1e04bc2f5b8bfc2ba8d651edccf7a malicious URLs crashed					1.0

48369	2020-07-23 16:30	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities malicious URLs Windows DNS	6 Keyword trend analysis	2			3.6

48370	2020-07-23 16:25	test.js bbd1e04bc2f5b8bfc2ba8d651edccf7a malicious URLs crashed					1.0

48371	2020-07-23 16:24	test.js bbd1e04bc2f5b8bfc2ba8d651edccf7a malicious URLs crashed					1.0

48372	2020-07-23 16:13	33056b2aae2bad24789d8f69005e59... 3a2f24b32b1cf7a53f63505daf4870c5 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName Cryptographic key		2	2		15.4		12

48373	2020-07-23 15:32	견적서20200702,pdf.exe 3b9887f9f9ff50f1c1862b654dea0b80 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows		5			8.6		38

48374	2020-07-23 15:27	견적서20200702,pdf.exe 3b9887f9f9ff50f1c1862b654dea0b80 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					7.8		38

48375	2020-07-23 15:22	222.exe 1e3b01b7f5bd3507a06f034d50282184 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS	3 Keyword trend analysis Info http://www.hehe2.net/k0f/ http://www.financialplanner.cloud/k0f/?DV8T=qUrpngFU98fN6cKJktME8F/JrE5wCji7skhBkwNuR1lFW8+XiuVYozcNCF/Lej8auDrmurLj&U0DH=kfo0slYxV4PPOf http://www.hehe2.net/k0f/?DV8T=zQq77QnoFRouyUiOEKFUbHt5e984gm98c303NyNG4bTW6uiZ4f+svO/FnwA/3idNzUWLbsA3&U0DH=kfo0slYxV4PPOf&sql=1	5	2		8.8		53