Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
48976	2020-06-30 10:39	https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	6			4.6		1

48977	2020-06-30 10:25	http://www.nalara1220.o-r.kr/x... b8f26033be6948c20021fe45188f9c70 Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	8 Keyword trend analysis Info http://www.nalara1220.o-r.kr/xss.jsp http://www.nalara1220.o-r.kr/%3C http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/alert(1); https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/alert(1); https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	8			5.0

48978	2020-06-30 10:19	http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	8 Keyword trend analysis Info http://www.nalara1220.o-r.kr/%3C http://www.nalara1220.o-r.kr/xss.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/favicon.ico https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	7			4.2

48979	2020-06-30 10:04	http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	8 Keyword trend analysis Info http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/xss.jsp http://www.nalara1220.o-r.kr/%3C http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	7			5.0

48980	2020-06-30 10:01	http://192.168.37.135/test.htm... Code Injection RWX flags setting unpack itself Windows utilities Windows					3.2

48981	2020-06-30 09:30	http://192.168.37.135/test.htm... Code Injection RWX flags setting unpack itself Windows utilities Windows					3.2

48982	2020-06-30 09:21	asdfg.exe b726f090cc523eaa9861ca0c9a748493 Browser Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization installed browsers check Windows Browser Email ComputerName	20 Keyword trend analysis Info http://ademg.ug/msvcp140.dll http://ademg.ug/main.php http://ademg.ug/sqlite3.dll http://ademg.ug/nss3.dll http://ademg.ug/ http://ademg.ug/vcruntime140.dll http://ademg.ug/mozglue.dll http://ademg.ug/softokn3.dll http://ademg.ug/freebl3.dll http://gadem.ug/az2.exe https://gadem.ug/az2.exe https://ademg.ug/softokn3.dll https://ademg.ug/sqlite3.dll https://ademg.ug/freebl3.dll https://ademg.ug/mozglue.dll https://ademg.ug/msvcp140.dll https://ademg.ug/nss3.dll https://ademg.ug/vcruntime140.dll https://ademg.ug/main.php https://ademg.ug/	3			18.4		44

48983	2020-06-30 07:57	https://feedingyourhealth.com/... Code Injection RWX flags setting unpack itself Windows utilities Windows		2			2.2

48984	2020-06-30 07:35	http://uniengrisb.com/img/rt.m... VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows	2 Keyword trend analysis	3			3.0

48985	2020-06-29 22:55	14gt134.php 08dac5157102790bb1c6d3a65660db37 PDB unpack itself					1.0

48986	2020-06-29 22:46	14gt134.php 08dac5157102790bb1c6d3a65660db37 PDB					0.2

48987	2020-06-29 21:18	4IDeThF102o6ePW.exe 7abd063e381eb25aa291a000bddc3145 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName					7.8		12

48988	2020-06-29 17:51	http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	8 Keyword trend analysis Info http://www.nalara1220.o-r.kr/xss.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/%3C http://www.nalara1220.o-r.kr/favicon.ico https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	6			4.2

48989	2020-06-29 16:52	http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	8 Keyword trend analysis Info http://www.nalara1220.o-r.kr/xss.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/%3C http://www.nalara1220.o-r.kr/favicon.ico https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	6			4.2

48990	2020-06-29 16:50	http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	8 Keyword trend analysis Info http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/xss.jsp http://www.nalara1220.o-r.kr/%3C http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	6			4.2