Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
48586	2020-07-16 08:42	http://descargas.hispazone.org... 3444475276c19e50edeb4d21b61c5b5e VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	2			4.6	M

48587	2020-07-15 18:02	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis Info http://cert.int-x3.letsencrypt.org/ https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	3			4.6	M

48588	2020-07-15 18:00	http://175.208.134.150:8005/an... 5f6cc537fbd7613043e723e770e732e7 Code Injection unpack itself Windows utilities malicious URLs Windows DNS	18 Keyword trend analysis Info http://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.eot?v=2.0.1 http://175.208.134.150:8005/user/login/?next=/analysis/result/ http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-brands-400.eot? http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-regular-400.eot? http://175.208.134.150:8005/static/fonts/fa-solid-900.eot? http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css http://175.208.134.150:8005/static/fonts/fa-light-300.eot? http://175.208.134.150:8005/favicon.ico http://175.208.134.150:8005/static/fonts/fa-regular-400.eot? http://175.208.134.150:8005/static/plugins/fontawesome-free/css/all.min.css http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-solid-900.eot? http://175.208.134.150:8005/static/fonts/fontawesome-webfont.eot? http://175.208.134.150:8005/static/custom/img/summer.webp http://175.208.134.150:8005/analysis/result/ http://175.208.134.150:8005/static/dist/css/adminlte.min.css http://175.208.134.150:8005/static/css/main.css http://175.208.134.150:8005/static/fonts/fa-brands-400.eot? https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	3			3.8	M

48589	2020-07-15 17:41	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

48590	2020-07-15 16:39	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

48591	2020-07-15 16:32	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

48592	2020-07-15 13:50	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

48593	2020-07-15 13:41	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware					0.4

48594	2020-07-15 13:40	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities AppData folder Windows DNS	3 Keyword trend analysis	2			4.0	M

48595	2020-07-15 13:33	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows DNS	3 Keyword trend analysis	3			3.6	M

48596	2020-07-15 13:25	k4y7tzx4ry.doc 4e046e4093be0c049abdbb50e2fb6262 Vulnerability VirusTotal Malware Malicious Traffic unpack itself DNS	4 Keyword trend analysis	5			4.4	M	46

48597	2020-07-15 11:59	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows	5 Keyword trend analysis Info http://isrg.trustid.ocsp.identrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRv9GhNQxLSSGKBnMArPUcsHYovpgQUxKexpHsscfrb4UuQdf%2FEFWCFiRACEAoBQUIAAAFThXNqC4Xspwg%3D http://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR%2B5mrncpqz%2FPiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7%2FOo7KECEgP2%2FC94cD5Qp5Cy3ayfhaN4Iw%3D%3D http://cert.int-x3.letsencrypt.org/ https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	12 Info ocsp.int-x3.letsencrypt.org(119.207.66.64) cert.int-x3.letsencrypt.org(104.74.211.103) r20swj13mr.microsoft.com(117.18.232.200) iecvlist.microsoft.com(117.18.232.200) kr.msn.com(13.75.94.74) download.nullsoft.com(5.39.58.66) 104.74.211.103 117.18.232.200 119.207.66.18 119.207.66.48 119.207.66.64 5.39.58.66			4.6	M

48598	2020-07-15 11:51	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware					0.4

48599	2020-07-15 11:50	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware					0.4

48600	2020-07-15 11:50	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware					0.4