Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
49081	2020-06-25 14:58	crimea.ps1 b07c04d53312dd24935701ac700cc8a5 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis	2			9.0		9

49082	2020-06-25 14:56	crimea.ps1 b07c04d53312dd24935701ac700cc8a5 VirusTotal Malware powershell suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key	2 Keyword trend analysis	2			9.0		9

49083	2020-06-25 14:40	http://office-services-sec.com... a87a313263697c3f81881defa55b269c VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	6 Keyword trend analysis Info http://office-services-sec.com/favicon.ico http://office-services-sec.com/crimea.ps1 http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://office-services-sec.com/crimea.ps1 https://office-services-sec.com/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	6			5.2		13

49084	2020-06-25 14:33	http://office-services-sec.com... 1d0e1d24ad35a2357af094b32e1cb25a VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed	6 Keyword trend analysis Info http://office-services-sec.com/favicon.ico http://office-services-sec.com/crimea.ps1 http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://office-services-sec.com/crimea.ps1 https://office-services-sec.com/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml	6			5.2		13

49085	2020-06-25 14:03	https://cdn1.estsecurity.com/s... 599168bde854ae6d22a9cc5df5a3c0e2 Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed	2 Keyword trend analysis	7			5.0

49086	2020-06-25 12:55	http://37.49.230.204/ABU.exe 4c097af29449e5d1e6cf77a9c58b2968 VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.8		15

49087	2020-06-25 11:31	http://37.49.230.204/ABU.exe 7bec956dcddd39b40c88debf266e291a VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			7.2		15

49088	2020-06-25 11:11	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49089	2020-06-25 11:09	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49090	2020-06-25 11:06	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49091	2020-06-25 11:02	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49092	2020-06-25 11:01	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49093	2020-06-25 10:58	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49094	2020-06-25 10:44	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4

49095	2020-06-25 10:42	http://37.49.230.204/ABU.exe 72c311a40dbcb3fb6bdd70df9b6be8be VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	4 Keyword trend analysis	5			6.0		4