Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
49696	2020-12-29 13:05	Arcserve_Unified_Data_Protecti... d41d8cd98f00b204e9800998ecf8427e					0.4			guest

49697	2020-12-29 12:31	ask.exe 08ce06744e5fa947d7639cf606c4ff5c VirusTotal Malware DNS					1.8		21	ZeroCERT

49698	2020-12-29 12:30	apdf.exe 4091edb6fc4ddec9dc69a3a6dd60d929 VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName Cryptographic key					12.0	M	19	ZeroCERT

49699	2020-12-29 12:26	apdf.exe 4091edb6fc4ddec9dc69a3a6dd60d929 Browser Info Stealer VirusTotal Malware powershell AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted WMI Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows Browser ComputerName DNS Cryptographic key		1			15.6	M	19	ZeroCERT

49700	2020-12-29 12:25	add.exe e6731de795cc99d6186f1d94ff5a03e6 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed keylogger					12.6	M	21	ZeroCERT

49701	2020-12-29 12:11	0QD13JK5BSW67X42.doc a31982ecb88498bb30b0c1a289d82c6b Vulnerability VirusTotal Malware Malicious Traffic ICMP traffic unpack itself malicious URLs Windows DNS	3 Keyword trend analysis	5	3		6.0	M	20	ZeroCERT

49702	2020-12-29 12:11	YZ3CK00V3KVPD.doc a31982ecb88498bb30b0c1a289d82c6b Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS	3 Keyword trend analysis	5	3		5.2	M	20	ZeroCERT

49703	2020-12-29 11:13	111.doc 3de02c4740511692cdc896dbbd4f7648 Vulnerability VirusTotal Malware Malicious Traffic unpack itself malicious URLs Windows DNS	3 Keyword trend analysis	5	3		5.0		15	r0d

49704	2020-12-27 15:03	Doc1.dotm 1a575a4cbc7fa8faba585373c44e3edb VirusTotal Malware Code Injection unpack itself malicious URLs DNS	2 Keyword trend analysis	1			6.8		41	ZeroCERT

49705	2020-12-27 15:01	nethelper.dll e835f27f6b6a2b0af42873ce2cc6cc07 VirusTotal Malware unpack itself malicious URLs					2.6		42	ZeroCERT

49706	2020-12-26 22:10	form.exe c8eeac24eca23bd1df10b02d5430432d Malware PDB Malicious Traffic Check memory buffers extracted WMI Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs sandbox evasion anti-virtualization ComputerName DNS Software AnyDesk	1 Keyword trend analysis	6	1		8.8			ZeroCERT

49707	2020-12-26 22:10	image.jpg.exe aebeb7b1a23449b44195814dda4fb002 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Interception Windows Browser Tor Email ComputerName Cryptographic key Software crashed	3 Keyword trend analysis	8	1		17.2	M	58	ZeroCERT

49708	2020-12-26 21:41	docs34.xlsx 7c630efe0e3a7059b6ca53c4cc94a1d1 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Interception Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	3 Keyword trend analysis	8	1		17.4	M	56	ZeroCERT

49709	2020-12-26 21:38	hgtfQlN8Vz.vx.exe 0dd3a14f922feac556d68299ea87ca26 VirusTotal Malware Check memory unpack itself crashed					2.0	M	25	ZeroCERT

49710	2020-12-26 18:51	customer1.exe c3c1704da6242a52877806e3bde2c46b Browser Info Stealer VirusTotal Malware PDB suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger WMI Creates executable files exploit crash unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW installed browsers check Windows Exploit Browser ComputerName RCE DNS crashed	4 Keyword trend analysis	5	2		13.2	M	20	ZeroCERT