Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
49051	2021-02-02 15:25	bro.exe 93c2ab80b52f0bf827f2b9ddd0c04909 VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName DNS		1			10.8	M	48	ZeroCERT

49052	2021-02-02 14:01	svchost.exe 2642dc49b3e9491b5bb8ed32e3c9dec5 PDB DNS					0.8			ZeroCERT

49053	2021-02-02 13:57	vbc2.exe b9609685b1685626956a7d93edca6c49 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName crashed					10.0	M	50	ZeroCERT

49054	2021-02-02 13:56	vbc.exe 9e775de8441c5ae5316582ba3830c4e2 VirusTotal Malware Check memory RWX flags setting unpack itself DNS					2.4	M	20	ZeroCERT

49055	2021-02-02 13:47	vbc.exe 9e775de8441c5ae5316582ba3830c4e2 VirusTotal Malware Check memory RWX flags setting unpack itself					1.8	M	20	ZeroCERT

49056	2021-02-02 13:45	ufWRvtPr7bkBF.exe 8c3241c55785b304bfd03e24b16efb63 VirusTotal Malware RCE					2.0	M	56	ZeroCERT

49057	2021-02-02 13:44	ubtrfi.zip.exe d57f8957ceb00c74cc3aeab23ecf47be VirusTotal Malware PDB unpack itself					1.8	M	11	ZeroCERT

49058	2021-02-02 13:43	TEMP.so.exe f160c057fded2c01bfdb65bb7aa9dfcc Malware download Amadey VirusTotal Malware Malicious Traffic Creates executable files unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS	1 Keyword trend analysis	1	1		6.8	M	50	ZeroCERT

49059	2021-02-02 13:40	scr.dll 8a7fa2352851fddec50f91833637dc69 VirusTotal Malware Malicious Traffic Checks debugger buffers extracted unpack itself DNS	1 Keyword trend analysis	1			4.4	M	35	ZeroCERT

49060	2021-02-02 13:39	self.exe 27493edfa85af8660f2c05f5eddf2969 Malware download Azorult Dridex TrickBot VirusTotal Malware suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs Kovter Browser ComputerName DNS	1 Keyword trend analysis	1	6 Info ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex ET MALWARE AZORult Variant.4 Checkin M2 ET MALWARE Win32/AZORult V3.2 Client Checkin M4 ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1	1	11.0	M	50	ZeroCERT

49061	2021-02-02 13:37	pzf3d4h.zip.exe d91d846f2cd5f791cfae21bec49fb3d5 VirusTotal Malware PDB unpack itself DNS crashed					3.0	M	10	ZeroCERT

49062	2021-02-02 13:36	rbv9d79.zip.exe ebca4076e0a420caf420bdcd98c91d3c VirusTotal Malware PDB unpack itself malicious URLs					2.6	M	11	ZeroCERT

49063	2021-02-02 13:24	Protected Client.vbs b8e153cc0bec4b58809b9d323cc55303 VirusTotal Malware powershell Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI ICMP traffic unpack itself Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows Java ComputerName DNS Cryptographic key DDNS keylogger		6	2		15.8	M	6	ZeroCERT

49064	2021-02-02 13:23	private.png.exe f7fc343cbf86f08c7b529ab451677752 VirusTotal Malware Buffer PE Check memory buffers extracted Creates executable files unpack itself AppData folder malicious URLs DNS crashed					5.4	M	19	ZeroCERT

49065	2021-02-02 12:13	pp.exe 7b8047fdbb913497713a07aeed0d0f4c VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs ComputerName DNS		1			10.2	M	47	ZeroCERT