Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
48991	2020-07-16 12:54	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files unpack itself Windows utilities Windows DNS	3 Keyword trend analysis	2			3.6

48992	2020-07-16 12:48	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Exploit Browser ComputerName DNS crashed	9 Keyword trend analysis Info http://client.winamp.com/update/latest-version.php?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&lang=en-US http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://cert.int-x3.letsencrypt.org/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://client.winamp.com/update/client_session.php?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&lang=en-US http://client.winamp.com/update?v=5.8&ID=B95792D0C10F4E45938126A4750A7698&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			15.4

48993	2020-07-16 11:42	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities malicious URLs Windows Exploit DNS crashed	4 Keyword trend analysis	3			4.6

48994	2020-07-16 11:32	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted heapspray Creates shortcut Creates executable files ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check installed browsers check Ransomware Interception Windows Exploit Browser ComputerName DNS crashed	9 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update/latest-version.php?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&lang=en-US http://cert.int-x3.letsencrypt.org/ http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://client.winamp.com/update?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&lang=en-US http://client.winamp.com/update/client_session.php?v=5.8&ID=19AB3FAD117593469A2DCD189007CDAC&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			14.4

48995	2020-07-16 11:23	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

48996	2020-07-16 10:53	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

48997	2020-07-16 10:30	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

48998	2020-07-16 09:41	http://tedec.com/dl/webupdate.... 22cc193a547944f685e79c52acc235a2 VirusTotal Malware Code Injection exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	2 Keyword trend analysis	2			3.8	M

48999	2020-07-16 08:48	http://lg3gservice.home.pl/pub... 4bc848434c23e4215c05b8060c21398b VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	2			4.6	M

49000	2020-07-16 08:42	http://descargas.hispazone.org... 3444475276c19e50edeb4d21b61c5b5e VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	2 Keyword trend analysis	2			4.6	M

49001	2020-07-15 18:02	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis Info http://cert.int-x3.letsencrypt.org/ https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	3			4.6	M

49002	2020-07-15 18:00	http://175.208.134.150:8005/an... 5f6cc537fbd7613043e723e770e732e7 Code Injection unpack itself Windows utilities malicious URLs Windows DNS	18 Keyword trend analysis Info http://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.eot?v=2.0.1 http://175.208.134.150:8005/user/login/?next=/analysis/result/ http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-brands-400.eot? http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-regular-400.eot? http://175.208.134.150:8005/static/fonts/fa-solid-900.eot? http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css http://175.208.134.150:8005/static/fonts/fa-light-300.eot? http://175.208.134.150:8005/favicon.ico http://175.208.134.150:8005/static/fonts/fa-regular-400.eot? http://175.208.134.150:8005/static/plugins/fontawesome-free/css/all.min.css http://175.208.134.150:8005/static/plugins/fontawesome-free/webfonts/fa-solid-900.eot? http://175.208.134.150:8005/static/fonts/fontawesome-webfont.eot? http://175.208.134.150:8005/static/custom/img/summer.webp http://175.208.134.150:8005/analysis/result/ http://175.208.134.150:8005/static/dist/css/adminlte.min.css http://175.208.134.150:8005/static/css/main.css http://175.208.134.150:8005/static/fonts/fa-brands-400.eot? https://clients2.google.com/service/check2?crx3=true&appid=%7B430FD4D0-B729-4F61-AA34-91526481799D%7D&appversion=1.3.35.452&applang=&machine=1&version=1.3.35.452&userid=&osversion=6.1&servicepack=Service%20Pack%201	3			3.8	M

49003	2020-07-15 17:41	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

49004	2020-07-15 16:39	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M

49005	2020-07-15 16:32	https://download.nullsoft.com/... 3017f921a6c42a267842cc8bae9384c1 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files ICMP traffic RWX flags setting unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk sandbox evasion Firewall state off VM Disk Size Check human activity check installed browsers check Ransomware Interception Windows Browser ComputerName DNS	8 Keyword trend analysis Info http://download.nullsoft.com/redist/dx/d3dx9_31_42_x86_embed.exe http://client.winamp.com/update/latest-version.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://cert.int-x3.letsencrypt.org/ http://client.winamp.com/update/client_session.php?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&lang=en-US http://client.winamp.com/update?v=5.8&ID=83A0F2FAB2F90D4DB8270771D4427AE8&st1=0&st2=0&st3=0&st4=0&st5=0&st6=0&st7=0&st8=0&st9=0&st10=0&st11=0&st12=-1&st13=0&st14=0&st15=0&st16=0&st17=0&st18=0&st19=0&st20=0&st21=0&st22=0&st23=0&st24=0&st25=0&st26=0&lang=en-US https://download.nullsoft.com/winamp/client/winamp58_3660_beta_full_en-us.exe https://download.nullsoft.com/winamp/misc/winamp58_3660_beta_full_en-us.exe	5			13.6	M