Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
48901	2021-02-09 17:04	WAH.exe 7d02126353a885657e4553d365b0bbb0 VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW human activity check Windows ComputerName DNS Cryptographic key DDNS crashed		2	1		14.8	M	25	ZeroCERT

48902	2021-02-09 17:03	wHghH65BXk2hCFk.exe bf7eb07949a84a9456e1ff1aa260d461 VirusTotal Malware					1.0	M	19	ZeroCERT

48903	2021-02-09 15:17	V6T.exe b841d7236145a3e25cc3a147a2b35a21 VirusTotal Malware					0.4	M	9	ZeroCERT

48904	2021-02-09 15:15	TrC86HH4pxVZ49N.exe cedd3570a65ce74199167da6e5190cc4 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					13.0	M	22	ZeroCERT

48905	2021-02-09 15:09	OSE.exe aa9096f0aab2adaafd38b736b2dccfd3 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process malicious URLs WriteConsoleW Windows Cryptographic key					13.4	M	37	ZeroCERT

48906	2021-02-09 15:06	sd2iz5vxl.tar.exe 83d8674b5096ebfa8cc3416a62f86dee VirusTotal Malware PDB Check memory unpack itself malicious URLs WriteConsoleW Windows Cryptographic key					2.8	M	20	ZeroCERT

48907	2021-02-09 15:03	KINO.exe 02094aa7972c0ce8ac2e767263a6815a VirusTotal Malware Buffer PE AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName RCE DNS Cryptographic key crashed		2			14.6	M	31	ZeroCERT

48908	2021-02-09 15:02	lices.iquos.exe 43ec0e52c4f321372267744dcc90d37f VirusTotal Malware					1.4	M	13	ZeroCERT

48909	2021-02-09 14:51	CIC.exe 12ba599d1577de3108bde89057547ad1 VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process malicious URLs WriteConsoleW Windows Cryptographic key keylogger		2			14.8	M	34	ZeroCERT

48910	2021-02-09 14:50	decku.exe c232f8b92db6f89e9bdad56ef4d2a181 VirusTotal Malware					1.0	M	38	ZeroCERT

48911	2021-02-09 13:54	8.iquos.exe 43ec0e52c4f321372267744dcc90d37f VirusTotal Malware					1.4	M	13	ZeroCERT

48912	2021-02-09 13:53	CFHhMaweBF1QHvO.exe b441cf2b166b973d7ec045c707e4cb94 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed					11.8	M	26	ZeroCERT

48913	2021-02-09 13:49	6MEmbBfb0sAxKMw.exe c232f8b92db6f89e9bdad56ef4d2a181 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key					2.6	M	38	ZeroCERT

48914	2021-02-09 13:48	6vWjC1g7qA0Z76f.exe 4a8eb2631d91ad206d94d22179c54c0e VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed					12.2	M	38	ZeroCERT

48915	2021-02-08 18:58	document.doc 0da3efe7e213d8b0d3dca9e9502534cc VirusTotal Malware Malicious Traffic buffers extracted exploit crash unpack itself malicious URLs Windows Exploit DNS crashed		1	5 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.6	M	27	ZeroCERT