Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
49936	2020-12-10 19:00	OG.exe 52c1c0a68da545fd829d2b5ed7c2b4f4 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS Cryptographic key crashed					13.4	M	16	guest

49937	2020-12-10 19:00	oat.exe 3c9f99f80db4eda2078a8564afe7185f Browser Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key crashed keylogger	4 Keyword trend analysis	2	1		15.6	M	35	guest

49938	2020-12-10 18:52	nd.exe d2143133b45d9a684c06edb3b9b2c81c VirusTotal Malware Malicious Traffic Check memory Checks debugger buffers extracted WMI unpack itself Checks Bios Detects VirtualBox Check virtual network interfaces suspicious process malicious URLs WriteConsoleW VMware anti-virtualization Tofsee Windows ComputerName DNS Cryptographic key Software crashed	38 Keyword trend analysis Info https://hastebin.com/raw/ejoxacutog https://hastebin.com/raw/ajizaneqep https://hastebin.com/raw/ahixebawov https://hastebin.com/raw/uyiticizex https://hastebin.com/raw/atudamanev https://hastebin.com/raw/iveqiqaqid https://hastebin.com/raw/kagaxarira https://hastebin.com/raw/mafoxibuti https://hastebin.com/raw/vikimuhiri https://hastebin.com/raw/uxusacikib https://hastebin.com/raw/ijudugigeg https://hastebin.com/raw/joricagove https://hastebin.com/raw/ameyidipiq https://hastebin.com/raw/utaciqadey https://hastebin.com/raw/acafanakac https://hastebin.com/raw/ikuqifiyak https://hastebin.com/raw/ahasoticug https://hastebin.com/raw/nonilabigu https://hastebin.com/raw/ujopeqevon https://hastebin.com/raw/ubikuqitik https://hastebin.com/raw/raziqizoda https://hastebin.com/raw/vokilacemu https://hastebin.com/raw/uxiyavisev https://hastebin.com/raw/iyovujiqef https://hastebin.com/raw/evolazezun https://hastebin.com/raw/iwalovetog https://hastebin.com/raw/izekayenem https://hastebin.com/raw/efiyoyirol https://hastebin.com/raw/kufacucavo https://hastebin.com/raw/igilobalir https://hastebin.com/raw/epijepujey https://hastebin.com/raw/mivaciguti https://hastebin.com/raw/gutiqetoni https://hastebin.com/raw/xuquzovoyu https://hastebin.com/raw/zegemunowu https://hastebin.com/raw/ugojehazuj https://hastebin.com/raw/yopotelube https://hastebin.com/raw/caqesedilu	2	1		12.4	M	38	guest

49939	2020-12-10 18:51	McgjQSIvvkl7ZY4.exe ab95033133d0e0b8fe294a0fdadfa3b5 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName crashed					12.8	M	47	guest

49940	2020-12-10 18:46	McgjQSIvvkl7ZY4.exe ab95033133d0e0b8fe294a0fdadfa3b5 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					14.0	M	47	guest

49941	2020-12-10 18:46	keygen.exe 296f45415f8fbf00ec413a5472cb0155 VirusTotal Malware Check memory Checks debugger unpack itself DNS					3.4	M	24	guest

49942	2020-12-10 10:38	karma_koin_codes.exe 82d215a75fb488924bd0b6c9b8eb7c8b VirusTotal Malware AutoRuns suspicious privilege MachineGuid Check memory Checks debugger unpack itself malicious URLs Windows DNS Cryptographic key keylogger					5.4	M	61	guest

49943	2020-12-10 10:37	iencli12.dotm 215d80692babc603e1f71bcc07d37d24 malicious URLs					1.6			guest

49944	2020-12-10 10:32	iencli12.dotm 215d80692babc603e1f71bcc07d37d24 Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed			3		4.8			guest

49945	2020-12-10 10:32	invoice.exe 7a4f03850546bc2eee6e253ceeb203dc Dridex Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed			3		4.4			guest

49946	2020-12-10 10:24	huaa.exe 879951cddad7add207ee8ed634e4247a VirusTotal Malware Check memory RWX flags setting unpack itself DNS					2.4	M	5	guest

49947	2020-12-10 10:24	growtopiastaff_setup1.61.exe 7c8b5bf99febe00a006c88fa45758117 VirusTotal Malware suspicious privilege Check memory Checks debugger Creates executable files ICMP traffic unpack itself AppData folder malicious URLs WriteConsoleW DNS DDNS		2	1		7.2	M	56	guest

49948	2020-12-10 10:10	FidgetSpinnerUltraEdition.exe 93ac2c489792875ef7bf65ec314404da VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Browser DNS Cryptographic key crashed					14.2	M	24	guest

49949	2020-12-10 10:10	googlechrome_3843.exe c9aba0e418f93cfbe9bd12bb7757df94 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows Browser Email ComputerName Cryptographic key Software crashed keylogger					14.4		22	guest

49950	2020-12-10 09:55	FidgetSpinnerUltraEdition.exe 93ac2c489792875ef7bf65ec314404da VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Browser Cryptographic key crashed					14.2	M	24	guest