Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
48871	2020-07-03 12:28	http://raymondjaon.ug/rac2.exe VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	4			5.2	M

48872	2020-07-03 12:24	http://raymondjaon.ug/rac2.exe 944e549ba4db11ea3f94a2873ffbe693 VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files exploit crash unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs installed browsers check Ransomware Windows Exploit Browser Email ComputerName DNS crashed	20 Keyword trend analysis Info http://34.65.10.107/file_handler/file.php?hash=d7d014e129a59da0b35e87923309ade3dfc048d7&js=35e20d18e90674fecb9fb82a12853c63b7b62d6c&callback=http://34.65.10.107/gate http://raymondjaon.ug/ds2.exe http://www.bing.com/favicon.ico http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/sqlite3.dll http://34.65.10.107/gate/libs.zip http://raymondjaon.ug/ds1.exe http://raymondjaon.ug/ac.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/log.php http://raymondjaon.ug/rac2.exe http://raymondjaon.ug/rc.exe http://34.65.10.107/gate/libs.zip https://raymondjaon.ug/rac2.exe https://www.bing.com/favicon.ico https://34.65.10.107/gate/log.php https://34.65.10.107/gate/sqlite3.dll https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/file_handler/file.php?hash=d7d014e129a59da0b35e87923309ade3dfc048d7&js=35e20d18e90674fecb9fb82a12853c63b7b62d6c&callback=http://34.65.10.107/gate https://raymondjaon.ug/rc.exe https://raymondjaon.ug/ac.exe https://raymondjaon.ug/ds1.exe https://raymondjaon.ug/ds2.exe	8			20.6	M	35

48873	2020-07-03 11:45	http://raymondjaon.ug/rac2.exe 944e549ba4db11ea3f94a2873ffbe693 VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Collect installed applications Detects VirtualBox Check virtual network interfaces suspicious process AppData folder malicious URLs Ransomware Windows Exploit Email ComputerName DNS crashed	24 Keyword trend analysis Info http://raymondjaon.ug/ds2.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/libs.zip http://apps.identrust.com/roots/dstrootcax3.p7c http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab http://raymondjaon.ug/ds1.exe http://raymondjaon.ug/rc.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/file_handler/file.php?hash=1641f89ce19713026e54247ba44ccbfaa977d5b6&js=84768af6b389150e94c770f6d2abff2efa94bfb1&callback=http://34.65.10.107/gate http://34.65.10.107/gate/log.php http://raymondjaon.ug/rac2.exe http://34.65.10.107/gate/sqlite3.dll http://raymondjaon.ug/ac.exe http://34.65.10.107/gate/libs.zip https://raymondjaon.ug/rac2.exe https://apps.identrust.com/roots/dstrootcax3.p7c https://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt https://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab https://34.65.10.107/gate/log.php https://34.65.10.107/gate/sqlite3.dll https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/file_handler/file.php?hash=1641f89ce19713026e54247ba44ccbfaa977d5b6&js=84768af6b389150e94c770f6d2abff2efa94bfb1&callback=http://34.65.10.107/gate https://raymondjaon.ug/rc.exe https://raymondjaon.ug/ac.exe https://raymondjaon.ug/ds1.exe https://raymondjaon.ug/ds2.exe	11			19.8	M	35

48874	2020-07-03 09:46	dropped_files.txt ef427612bc9cebda81e778122b4873d9 Code Injection unpack itself Windows utilities malicious URLs Windows					2.2

48875	2020-07-03 09:25	https://cdn1.estsecurity.com/s... 04efcb0b26743f5720fe2a7e83d42733 Code Injection exploit crash unpack itself Windows utilities Windows Exploit crashed	2 Keyword trend analysis	6			3.8	M

48876	2020-07-03 09:21	https://cdn1.estsecurity.com/s... 04efcb0b26743f5720fe2a7e83d42733 Code Injection exploit crash unpack itself Windows utilities Windows Exploit crashed	2 Keyword trend analysis	6			3.8	M

48877	2020-07-03 09:18	https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	6			4.6	M	1

48878	2020-07-02 18:46	http://raymondjaon.ug/rac2.exe 944e549ba4db11ea3f94a2873ffbe693 VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files exploit crash unpack itself Windows utilities Collect installed applications Detects VirtualBox Check virtual network interfaces suspicious process AppData folder malicious URLs Ransomware Windows Exploit Email ComputerName DNS crashed	24 Keyword trend analysis Info http://raymondjaon.ug/ds2.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/file_handler/file.php?hash=46e8b4948c35fc18a2120efbb6eefd9b7eef42fd&js=3b3dcecff16c3e70426d9bc792009964539e11da&callback=http://34.65.10.107/gate http://34.65.10.107/gate/libs.zip http://apps.identrust.com/roots/dstrootcax3.p7c http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt http://34.65.10.107/gate/libs.zip http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab http://raymondjaon.ug/ds1.exe http://raymondjaon.ug/rc.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/log.php http://raymondjaon.ug/rac2.exe http://34.65.10.107/gate/sqlite3.dll http://raymondjaon.ug/ac.exe http://34.65.10.107/gate/libs.zip https://raymondjaon.ug/rac2.exe https://apps.identrust.com/roots/dstrootcax3.p7c https://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt https://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab https://34.65.10.107/gate/log.php https://34.65.10.107/gate/sqlite3.dll https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/file_handler/file.php?hash=46e8b4948c35fc18a2120efbb6eefd9b7eef42fd&js=3b3dcecff16c3e70426d9bc792009964539e11da&callback=http://34.65.10.107/gate https://raymondjaon.ug/rc.exe https://raymondjaon.ug/ac.exe https://raymondjaon.ug/ds1.exe https://raymondjaon.ug/ds2.exe	11			19.2	M	12

48879	2020-07-02 18:43	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	2			5.8	M	44

48880	2020-07-02 18:42	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	2			5.8	M	44

48881	2020-07-02 18:40	http://mrgeek.pk/wndll.exe 4e0966f48e6fe2451eae96f7696dcab9 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	2			5.8	M	44

48882	2020-07-02 18:39	http://mrgeek.pk/wndll.exe VirusTotal Malware					0.6	M

48883	2020-07-02 18:33	rac2.exe 944e549ba4db11ea3f94a2873ffbe693 VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Collect installed applications Detects VirtualBox Check virtual network interfaces suspicious process AppData folder malicious URLs Ransomware Windows Email ComputerName DNS	22 Keyword trend analysis Info http://raymondjaon.ug/ds2.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/libs.zip http://apps.identrust.com/roots/dstrootcax3.p7c http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab http://34.65.10.107/gate/libs.zip http://34.65.10.107/file_handler/file.php?hash=7986c99d14c8c5b6ed92bc197749452132e62ed0&js=b530e4ad29af1d04f7920f02d215be31ef15dcf4&callback=http://34.65.10.107/gate http://raymondjaon.ug/rc.exe http://34.65.10.107/gate/libs.zip http://34.65.10.107/gate/log.php http://raymondjaon.ug/ac.exe http://34.65.10.107/gate/sqlite3.dll http://raymondjaon.ug/ds1.exe https://apps.identrust.com/roots/dstrootcax3.p7c https://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt https://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab https://34.65.10.107/gate/log.php https://34.65.10.107/gate/sqlite3.dll https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/gate/libs.zip https://34.65.10.107/file_handler/file.php?hash=7986c99d14c8c5b6ed92bc197749452132e62ed0&js=b530e4ad29af1d04f7920f02d215be31ef15dcf4&callback=http://34.65.10.107/gate https://raymondjaon.ug/rc.exe https://raymondjaon.ug/ac.exe https://raymondjaon.ug/ds1.exe https://raymondjaon.ug/ds2.exe	11			17.4	M	12

48884	2020-07-02 18:29	rac2.exe 944e549ba4db11ea3f94a2873ffbe693 VirusTotal Malware					1.0		12

48885	2020-07-02 18:27	http://180.214.238.5/receipt/i... 72fdaf8592e4085a8cfb05aeb0092f4e VirusTotal Malware Code Injection Malicious Traffic exploit crash unpack itself Windows utilities malicious URLs Windows Exploit DNS crashed	2 Keyword trend analysis	1			5.8	M	24