Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
50086	2020-11-24 17:51	cli.exe 4bf7c2f6ffacf3054fbb280dd5d45f36 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows					8.6		39	ZeroCERT

50087	2020-11-24 15:51	document.write.vbs 74663f4f68ce001eea39eb84d23d7d65 Malware powershell AutoRuns Check memory unpack itself malicious URLs Windows					3.2			ZeroCERT

50088	2020-11-24 15:46	document.write.vbs 74663f4f68ce001eea39eb84d23d7d65 malicious URLs					0.8			ZeroCERT

50089	2020-11-24 15:39	document.write.vbs 6f3859349a1a6bd353df9b481bd8c9df malicious URLs crashed					1.0			ZeroCERT

50090	2020-11-24 15:22	https://myrilullimotithi.blogs... fe9492d9e5545909fb33bb6baa902e6c Dridex VirusTotal Malware Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed	26 Keyword trend analysis Info https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png https://www.gstatic.com/og/_/ss/k=og.qtm.cH7_LpMothw.L.I9.O/m=qawd,qmd/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtb,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTt8x4NOBAK5u9ZkvYMV9Hgx0uQ7Vg https://myrilullimotithi.blogspot.com/favicon.ico https://www.google.com/css/maia.css https://fonts.googleapis.com/css?family=Open+Sans:300 https://www.google-analytics.com/analytics.js https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://myrilullimotithi.blogspot.com/p/3a4.html%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://myrilullimotithi.blogspot.com/p/3a4.html%26bpli%3D1&passive=true&go=true https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc-.woff https://www.blogger.com/static/v1/v-css/281434096-static_pages.css https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fmyrilullimotithi.blogspot.com%2Fp%2F3a4.html&bpli=1 https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhv.woff https://ssl.gstatic.com/gb/images/p1_5df01b81.png https://www.blogger.com/static/v1/widgets/1791449097-widgets.js https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxM.woff https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg https://fonts.googleapis.com/css?lang=ko&family=Product+Sans\|Roboto:400,700 https://www.blogger.com/img/blogger-logotype-color-black-1x.png https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6181590366086872420&zx=5ce6aa7d-8827-4747-b2c0-e27d8e0ba2bd https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uhBKOtz6fOw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8GZHNTtpcfighnqAH0uUZTALLzrw/cb=gapi.loaded_0 https://www.blogger.com/static/v1/jsbin/3101730221-analytics_autotrack.js https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Uy00yW1PZ_k.O/rt=j/m=q_d,qawd,qmd,qsd,qmutsd,qapid/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhlo,qhmn,qhpc,qhpr,qhsf,qhtb,qhtt/d=1/ed=1/rs=AA2YrTvqJb4fU1b04s4njDEmRjn4z7QgQw https://www.blogger.com/static/v1/jsbin/4244862144-ieretrofit.js https://resources.blogblog.com/img/icon18_wrench_allbkg.png https://www.blogger.com/blogin.g?blogspotURL=https://myrilullimotithi.blogspot.com/p/3a4.html	21 Info myrilullimotithi.blogspot.com(172.217.25.97) - mailcious fonts.googleapis.com(216.58.197.138) resources.blogblog.com(216.58.197.169) www.google.com(172.217.175.228) www.gstatic.com(216.58.197.227) ssl.gstatic.com(172.217.31.163) accounts.google.com(172.217.174.109) www.google-analytics.com(216.58.220.110) apis.google.com(172.217.175.46) fonts.gstatic.com(172.217.26.35) www.blogger.com(216.58.197.169) 172.217.25.9 216.58.221.233 172.217.161.142 172.217.24.33 - suspicious 172.217.26.142 172.217.161.170 172.217.161.164 172.217.24.45 172.217.24.67 172.217.26.131	3		4.6	M		ZeroCERT

50091	2020-11-24 14:08	hjpro50_write.exe 0e9e9c056c6c0540e920d02876cfdb2f VirusTotal Malware unpack itself malicious URLs					3.6		24	ZeroCERT

50092	2020-11-24 13:19	file.ps1 88ac77c9b1a6757e3371b1c77f78259a Check memory unpack itself malicious URLs DNS		390 Info kka.stage.1940755.ns.websecurenetworks.xyz() tja.stage.1940755.ns.websecurenetworks.xyz() wia.stage.1940755.ns.websecurenetworks.xyz() lba.stage.1940755.ns.websecurenetworks.xyz() wfa.stage.1940755.ns.websecurenetworks.xyz() zea.stage.1940755.ns.websecurenetworks.xyz() ifa.stage.1940755.ns.websecurenetworks.xyz() tba.stage.1940755.ns.websecurenetworks.xyz() bca.stage.1940755.ns.websecurenetworks.xyz() coa.stage.1940755.ns.websecurenetworks.xyz() koa.stage.1940755.ns.websecurenetworks.xyz() eha.stage.1940755.ns.websecurenetworks.xyz() wna.stage.1940755.ns.websecurenetworks.xyz() qma.stage.1940755.ns.websecurenetworks.xyz() tga.stage.1940755.ns.websecurenetworks.xyz() yma.stage.1940755.ns.websecurenetworks.xyz() tna.stage.1940755.ns.websecurenetworks.xyz() gla.stage.1940755.ns.websecurenetworks.xyz() xga.stage.1940755.ns.websecurenetworks.xyz() jka.stage.1940755.ns.websecurenetworks.xyz() dfa.stage.1940755.ns.websecurenetworks.xyz() gga.stage.1940755.ns.websecurenetworks.xyz() toa.stage.1940755.ns.websecurenetworks.xyz() fja.stage.1940755.ns.websecurenetworks.xyz() mha.stage.1940755.ns.websecurenetworks.xyz() vda.stage.1940755.ns.websecurenetworks.xyz() hga.stage.1940755.ns.websecurenetworks.xyz() aga.stage.1940755.ns.websecurenetworks.xyz() rca.stage.1940755.ns.websecurenetworks.xyz() xoa.stage.1940755.ns.websecurenetworks.xyz() zba.stage.1940755.ns.websecurenetworks.xyz() iea.stage.1940755.ns.websecurenetworks.xyz() yda.stage.1940755.ns.websecurenetworks.xyz() zoa.stage.1940755.ns.websecurenetworks.xyz() oka.stage.1940755.ns.websecurenetworks.xyz() pla.stage.1940755.ns.websecurenetworks.xyz() ela.stage.1940755.ns.websecurenetworks.xyz() sha.stage.1940755.ns.websecurenetworks.xyz() zka.stage.1940755.ns.websecurenetworks.xyz() aka.stage.1940755.ns.websecurenetworks.xyz() nca.stage.1940755.ns.websecurenetworks.xyz() sla.stage.1940755.ns.websecurenetworks.xyz() pma.stage.1940755.ns.websecurenetworks.xyz() oha.stage.1940755.ns.websecurenetworks.xyz() uca.stage.1940755.ns.websecurenetworks.xyz() qla.stage.1940755.ns.websecurenetworks.xyz() woa.stage.1940755.ns.websecurenetworks.xyz() tma.stage.1940755.ns.websecurenetworks.xyz() ffa.stage.1940755.ns.websecurenetworks.xyz() qia.stage.1940755.ns.websecurenetworks.xyz() dla.stage.1940755.ns.websecurenetworks.xyz() ila.stage.1940755.ns.websecurenetworks.xyz() hda.stage.1940755.ns.websecurenetworks.xyz() aaa.stage.1940755.ns.websecurenetworks.xyz() kja.stage.1940755.ns.websecurenetworks.xyz() jga.stage.1940755.ns.websecurenetworks.xyz() laa.stage.1940755.ns.websecurenetworks.xyz() hba.stage.1940755.ns.websecurenetworks.xyz() nga.stage.1940755.ns.websecurenetworks.xyz() xka.stage.1940755.ns.websecurenetworks.xyz() yea.stage.1940755.ns.websecurenetworks.xyz() ria.stage.1940755.ns.websecurenetworks.xyz() pia.stage.1940755.ns.websecurenetworks.xyz() eoa.stage.1940755.ns.websecurenetworks.xyz() ola.stage.1940755.ns.websecurenetworks.xyz() fea.stage.1940755.ns.websecurenetworks.xyz() eba.stage.1940755.ns.websecurenetworks.xyz() bda.stage.1940755.ns.websecurenetworks.xyz() yoa.stage.1940755.ns.websecurenetworks.xyz() qca.stage.1940755.ns.websecurenetworks.xyz() yja.stage.1940755.ns.websecurenetworks.xyz() tka.stage.1940755.ns.websecurenetworks.xyz() kia.stage.1940755.ns.websecurenetworks.xyz() vka.stage.1940755.ns.websecurenetworks.xyz() eaa.stage.1940755.ns.websecurenetworks.xyz() qha.stage.1940755.ns.websecurenetworks.xyz() wea.stage.1940755.ns.websecurenetworks.xyz() lea.stage.1940755.ns.websecurenetworks.xyz() zja.stage.1940755.ns.websecurenetworks.xyz() rfa.stage.1940755.ns.websecurenetworks.xyz() gda.stage.1940755.ns.websecurenetworks.xyz() kea.stage.1940755.ns.websecurenetworks.xyz() aia.stage.1940755.ns.websecurenetworks.xyz() fda.stage.1940755.ns.websecurenetworks.xyz() kma.stage.1940755.ns.websecurenetworks.xyz() nea.stage.1940755.ns.websecurenetworks.xyz() xha.stage.1940755.ns.websecurenetworks.xyz() xea.stage.1940755.ns.websecurenetworks.xyz() ona.stage.1940755.ns.websecurenetworks.xyz() zfa.stage.1940755.ns.websecurenetworks.xyz() bja.stage.1940755.ns.websecurenetworks.xyz() uga.stage.1940755.ns.websecurenetworks.xyz() uka.stage.1940755.ns.websecurenetworks.xyz() bea.stage.1940755.ns.websecurenetworks.xyz() xfa.stage.1940755.ns.websecurenetworks.xyz() eda.stage.1940755.ns.websecurenetworks.xyz() lha.stage.1940755.ns.websecurenetworks.xyz() zla.stage.1940755.ns.websecurenetworks.xyz() oda.stage.1940755.ns.websecurenetworks.xyz() uia.stage.1940755.ns.websecurenetworks.xyz() uba.stage.1940755.ns.websecurenetworks.xyz() rna.stage.1940755.ns.websecurenetworks.xyz() fia.stage.1940755.ns.websecurenetworks.xyz() ooa.stage.1940755.ns.websecurenetworks.xyz() yba.stage.1940755.ns.websecurenetworks.xyz() bma.stage.1940755.ns.websecurenetworks.xyz() ika.stage.1940755.ns.websecurenetworks.xyz() foa.stage.1940755.ns.websecurenetworks.xyz() sja.stage.1940755.ns.websecurenetworks.xyz() rla.stage.1940755.ns.websecurenetworks.xyz() dja.stage.1940755.ns.websecurenetworks.xyz() joa.stage.1940755.ns.websecurenetworks.xyz() jma.stage.1940755.ns.websecurenetworks.xyz() cfa.stage.1940755.ns.websecurenetworks.xyz() oma.stage.1940755.ns.websecurenetworks.xyz() xca.stage.1940755.ns.websecurenetworks.xyz() jna.stage.1940755.ns.websecurenetworks.xyz() gha.stage.1940755.ns.websecurenetworks.xyz() rha.stage.1940755.ns.websecurenetworks.xyz() aea.stage.1940755.ns.websecurenetworks.xyz() yca.stage.1940755.ns.websecurenetworks.xyz() cna.stage.1940755.ns.websecurenetworks.xyz() eca.stage.1940755.ns.websecurenetworks.xyz() uma.stage.1940755.ns.websecurenetworks.xyz() dca.stage.1940755.ns.websecurenetworks.xyz() tha.stage.1940755.ns.websecurenetworks.xyz() ena.stage.1940755.ns.websecurenetworks.xyz() uha.stage.1940755.ns.websecurenetworks.xyz() zda.stage.1940755.ns.websecurenetworks.xyz() ioa.stage.1940755.ns.websecurenetworks.xyz() eja.stage.1940755.ns.websecurenetworks.xyz() rma.stage.1940755.ns.websecurenetworks.xyz() wca.stage.1940755.ns.websecurenetworks.xyz() oga.stage.1940755.ns.websecurenetworks.xyz() yla.stage.1940755.ns.websecurenetworks.xyz() rda.stage.1940755.ns.websecurenetworks.xyz() vma.stage.1940755.ns.websecurenetworks.xyz() hma.stage.1940755.ns.websecurenetworks.xyz() bla.stage.1940755.ns.websecurenetworks.xyz() rea.stage.1940755.ns.websecurenetworks.xyz() kna.stage.1940755.ns.websecurenetworks.xyz() yfa.stage.1940755.ns.websecurenetworks.xyz() oca.stage.1940755.ns.websecurenetworks.xyz() fma.stage.1940755.ns.websecurenetworks.xyz() pea.stage.1940755.ns.websecurenetworks.xyz() vea.stage.1940755.ns.websecurenetworks.xyz() xda.stage.1940755.ns.websecurenetworks.xyz() gka.stage.1940755.ns.websecurenetworks.xyz() wja.stage.1940755.ns.websecurenetworks.xyz() xia.stage.1940755.ns.websecurenetworks.xyz() maa.stage.1940755.ns.websecurenetworks.xyz() cja.stage.1940755.ns.websecurenetworks.xyz() dba.stage.1940755.ns.websecurenetworks.xyz() qba.stage.1940755.ns.websecurenetworks.xyz() kfa.stage.1940755.ns.websecurenetworks.xyz() uaa.stage.1940755.ns.websecurenetworks.xyz() xma.stage.1940755.ns.websecurenetworks.xyz() iga.stage.1940755.ns.websecurenetworks.xyz() lma.stage.1940755.ns.websecurenetworks.xyz() dha.stage.1940755.ns.websecurenetworks.xyz() qfa.stage.1940755.ns.websecurenetworks.xyz() hfa.stage.1940755.ns.websecurenetworks.xyz() mba.stage.1940755.ns.websecurenetworks.xyz() dma.stage.1940755.ns.websecurenetworks.xyz() sea.stage.1940755.ns.websecurenetworks.xyz() aja.stage.1940755.ns.websecurenetworks.xyz() rga.stage.1940755.ns.websecurenetworks.xyz() jfa.stage.1940755.ns.websecurenetworks.xyz() qja.stage.1940755.ns.websecurenetworks.xyz() yna.stage.1940755.ns.websecurenetworks.xyz() bfa.stage.1940755.ns.websecurenetworks.xyz() zha.stage.1940755.ns.websecurenetworks.xyz() gba.stage.1940755.ns.websecurenetworks.xyz() fna.stage.1940755.ns.websecurenetworks.xyz() nia.stage.1940755.ns.websecurenetworks.xyz() eka.stage.1940755.ns.websecurenetworks.xyz() haa.stage.1940755.ns.websecurenetworks.xyz() fha.stage.1940755.ns.websecurenetworks.xyz() lia.stage.1940755.ns.websecurenetworks.xyz() vaa.stage.1940755.ns.websecurenetworks.xyz() wka.stage.1940755.ns.websecurenetworks.xyz() poa.stage.1940755.ns.websecurenetworks.xyz() cia.stage.1940755.ns.websecurenetworks.xyz() mfa.stage.1940755.ns.websecurenetworks.xyz() cda.stage.1940755.ns.websecurenetworks.xyz() ega.stage.1940755.ns.websecurenetworks.xyz() nda.stage.1940755.ns.websecurenetworks.xyz() waa.stage.1940755.ns.websecurenetworks.xyz() naa.stage.1940755.ns.websecurenetworks.xyz() taa.stage.1940755.ns.websecurenetworks.xyz() wda.stage.1940755.ns.websecurenetworks.xyz() raa.stage.1940755.ns.websecurenetworks.xyz() cga.stage.1940755.ns.websecurenetworks.xyz() jja.stage.1940755.ns.websecurenetworks.xyz() uea.stage.1940755.ns.websecurenetworks.xyz() ema.stage.1940755.ns.websecurenetworks.xyz() xla.stage.1940755.ns.websecurenetworks.xyz() ofa.stage.1940755.ns.websecurenetworks.xyz() iha.stage.1940755.ns.websecurenetworks.xyz() dea.stage.1940755.ns.websecurenetworks.xyz() ica.stage.1940755.ns.websecurenetworks.xyz() tea.stage.1940755.ns.websecurenetworks.xyz() lka.stage.1940755.ns.websecurenetworks.xyz() vba.stage.1940755.ns.websecurenetworks.xyz() jia.stage.1940755.ns.websecurenetworks.xyz() voa.stage.1940755.ns.websecurenetworks.xyz() mda.stage.1940755.ns.websecurenetworks.xyz() uoa.stage.1940755.ns.websecurenetworks.xyz() saa.stage.1940755.ns.websecurenetworks.xyz() sma.stage.1940755.ns.websecurenetworks.xyz() iaa.stage.1940755.ns.websecurenetworks.xyz() gna.stage.1940755.ns.websecurenetworks.xyz() oea.stage.1940755.ns.websecurenetworks.xyz() zga.stage.1940755.ns.websecurenetworks.xyz() vla.stage.1940755.ns.websecurenetworks.xyz() cba.stage.1940755.ns.websecurenetworks.xyz() ima.stage.1940755.ns.websecurenetworks.xyz() uda.stage.1940755.ns.websecurenetworks.xyz() xja.stage.1940755.ns.websecurenetworks.xyz() dda.stage.1940755.ns.websecurenetworks.xyz() mna.stage.1940755.ns.websecurenetworks.xyz() soa.stage.1940755.ns.websecurenetworks.xyz() sda.stage.1940755.ns.websecurenetworks.xyz() pha.stage.1940755.ns.websecurenetworks.xyz() mea.stage.1940755.ns.websecurenetworks.xyz() wla.stage.1940755.ns.websecurenetworks.xyz() oia.stage.1940755.ns.websecurenetworks.xyz() eea.stage.1940755.ns.websecurenetworks.xyz() gea.stage.1940755.ns.websecurenetworks.xyz() jha.stage.1940755.ns.websecurenetworks.xyz() oaa.stage.1940755.ns.websecurenetworks.xyz() pja.stage.1940755.ns.websecurenetworks.xyz() yia.stage.1940755.ns.websecurenetworks.xyz() ida.stage.1940755.ns.websecurenetworks.xyz() hia.stage.1940755.ns.websecurenetworks.xyz() pfa.stage.1940755.ns.websecurenetworks.xyz() dka.stage.1940755.ns.websecurenetworks.xyz() hka.stage.1940755.ns.websecurenetworks.xyz() ala.stage.1940755.ns.websecurenetworks.xyz() mga.stage.1940755.ns.websecurenetworks.xyz() mja.stage.1940755.ns.websecurenetworks.xyz() nha.stage.1940755.ns.websecurenetworks.xyz() via.stage.1940755.ns.websecurenetworks.xyz() hha.stage.1940755.ns.websecurenetworks.xyz() nma.stage.1940755.ns.websecurenetworks.xyz() pna.stage.1940755.ns.websecurenetworks.xyz() daa.stage.1940755.ns.websecurenetworks.xyz() wma.stage.1940755.ns.websecurenetworks.xyz() ada.stage.1940755.ns.websecurenetworks.xyz() cea.stage.1940755.ns.websecurenetworks.xyz() ska.stage.1940755.ns.websecurenetworks.xyz() bia.stage.1940755.ns.websecurenetworks.xyz() rba.stage.1940755.ns.websecurenetworks.xyz() jea.stage.1940755.ns.websecurenetworks.xyz() nja.stage.1940755.ns.websecurenetworks.xyz() cha.stage.1940755.ns.websecurenetworks.xyz() sna.stage.1940755.ns.websecurenetworks.xyz() nba.stage.1940755.ns.websecurenetworks.xyz() xba.stage.1940755.ns.websecurenetworks.xyz() jca.stage.1940755.ns.websecurenetworks.xyz() jla.stage.1940755.ns.websecurenetworks.xyz() gaa.stage.1940755.ns.websecurenetworks.xyz() cla.stage.1940755.ns.websecurenetworks.xyz() pka.stage.1940755.ns.websecurenetworks.xyz() mma.stage.1940755.ns.websecurenetworks.xyz() wba.stage.1940755.ns.websecurenetworks.xyz() yga.stage.1940755.ns.websecurenetworks.xyz() pba.stage.1940755.ns.websecurenetworks.xyz() nla.stage.1940755.ns.websecurenetworks.xyz() yha.stage.1940755.ns.websecurenetworks.xyz() fga.stage.1940755.ns.websecurenetworks.xyz() pca.stage.1940755.ns.websecurenetworks.xyz() dia.stage.1940755.ns.websecurenetworks.xyz() eia.stage.1940755.ns.websecurenetworks.xyz() wha.stage.1940755.ns.websecurenetworks.xyz() mia.stage.1940755.ns.websecurenetworks.xyz() vna.stage.1940755.ns.websecurenetworks.xyz() vca.stage.1940755.ns.websecurenetworks.xyz() kga.stage.1940755.ns.websecurenetworks.xyz() bha.stage.1940755.ns.websecurenetworks.xyz() sga.stage.1940755.ns.websecurenetworks.xyz() vga.stage.1940755.ns.websecurenetworks.xyz() gia.stage.1940755.ns.websecurenetworks.xyz() bba.stage.1940755.ns.websecurenetworks.xyz() iba.stage.1940755.ns.websecurenetworks.xyz() fla.stage.1940755.ns.websecurenetworks.xyz() zaa.stage.1940755.ns.websecurenetworks.xyz() kda.stage.1940755.ns.websecurenetworks.xyz() bga.stage.1940755.ns.websecurenetworks.xyz() qoa.stage.1940755.ns.websecurenetworks.xyz() paa.stage.1940755.ns.websecurenetworks.xyz() iia.stage.1940755.ns.websecurenetworks.xyz() oba.stage.1940755.ns.websecurenetworks.xyz() xna.stage.1940755.ns.websecurenetworks.xyz() lga.stage.1940755.ns.websecurenetworks.xyz() jaa.stage.1940755.ns.websecurenetworks.xyz() cma.stage.1940755.ns.websecurenetworks.xyz() tia.stage.1940755.ns.websecurenetworks.xyz() lna.stage.1940755.ns.websecurenetworks.xyz() zia.stage.1940755.ns.websecurenetworks.xyz() fka.stage.1940755.ns.websecurenetworks.xyz() rja.stage.1940755.ns.websecurenetworks.xyz() una.stage.1940755.ns.websecurenetworks.xyz() oja.stage.1940755.ns.websecurenetworks.xyz() aca.stage.1940755.ns.websecurenetworks.xyz() ana.stage.1940755.ns.websecurenetworks.xyz() caa.stage.1940755.ns.websecurenetworks.xyz() lja.stage.1940755.ns.websecurenetworks.xyz() uja.stage.1940755.ns.websecurenetworks.xyz() loa.stage.1940755.ns.websecurenetworks.xyz() rka.stage.1940755.ns.websecurenetworks.xyz() pga.stage.1940755.ns.websecurenetworks.xyz() efa.stage.1940755.ns.websecurenetworks.xyz() ama.stage.1940755.ns.websecurenetworks.xyz() sfa.stage.1940755.ns.websecurenetworks.xyz() nna.stage.1940755.ns.websecurenetworks.xyz() yaa.stage.1940755.ns.websecurenetworks.xyz() ufa.stage.1940755.ns.websecurenetworks.xyz() hla.stage.1940755.ns.websecurenetworks.xyz() sca.stage.1940755.ns.websecurenetworks.xyz() jba.stage.1940755.ns.websecurenetworks.xyz() cka.stage.1940755.ns.websecurenetworks.xyz() vfa.stage.1940755.ns.websecurenetworks.xyz() mla.stage.1940755.ns.websecurenetworks.xyz() gfa.stage.1940755.ns.websecurenetworks.xyz() noa.stage.1940755.ns.websecurenetworks.xyz() jda.stage.1940755.ns.websecurenetworks.xyz() zma.stage.1940755.ns.websecurenetworks.xyz() boa.stage.1940755.ns.websecurenetworks.xyz() tca.stage.1940755.ns.websecurenetworks.xyz() gma.stage.1940755.ns.websecurenetworks.xyz() roa.stage.1940755.ns.websecurenetworks.xyz() hoa.stage.1940755.ns.websecurenetworks.xyz() dna.stage.1940755.ns.websecurenetworks.xyz() kba.stage.1940755.ns.websecurenetworks.xyz() vja.stage.1940755.ns.websecurenetworks.xyz() sia.stage.1940755.ns.websecurenetworks.xyz() qka.stage.1940755.ns.websecurenetworks.xyz() qga.stage.1940755.ns.websecurenetworks.xyz() goa.stage.1940755.ns.websecurenetworks.xyz() moa.stage.1940755.ns.websecurenetworks.xyz() xaa.stage.1940755.ns.websecurenetworks.xyz() aha.stage.1940755.ns.websecurenetworks.xyz() gca.stage.1940755.ns.websecurenetworks.xyz() sba.stage.1940755.ns.websecurenetworks.xyz() yka.stage.1940755.ns.websecurenetworks.xyz() nka.stage.1940755.ns.websecurenetworks.xyz() bna.stage.1940755.ns.websecurenetworks.xyz() kha.stage.1940755.ns.websecurenetworks.xyz() tla.stage.1940755.ns.websecurenetworks.xyz() ija.stage.1940755.ns.websecurenetworks.xyz() qea.stage.1940755.ns.websecurenetworks.xyz() qna.stage.1940755.ns.websecurenetworks.xyz() kca.stage.1940755.ns.websecurenetworks.xyz() mca.stage.1940755.ns.websecurenetworks.xyz() ina.stage.1940755.ns.websecurenetworks.xyz() cca.stage.1940755.ns.websecurenetworks.xyz() hna.stage.1940755.ns.websecurenetworks.xyz() mka.stage.1940755.ns.websecurenetworks.xyz() zna.stage.1940755.ns.websecurenetworks.xyz() zca.stage.1940755.ns.websecurenetworks.xyz() wga.stage.1940755.ns.websecurenetworks.xyz() gja.stage.1940755.ns.websecurenetworks.xyz() fca.stage.1940755.ns.websecurenetworks.xyz() baa.stage.1940755.ns.websecurenetworks.xyz() faa.stage.1940755.ns.websecurenetworks.xyz() kaa.stage.1940755.ns.websecurenetworks.xyz() kla.stage.1940755.ns.websecurenetworks.xyz() lfa.stage.1940755.ns.websecurenetworks.xyz() doa.stage.1940755.ns.websecurenetworks.xyz() fba.stage.1940755.ns.websecurenetworks.xyz() lca.stage.1940755.ns.websecurenetworks.xyz() nfa.stage.1940755.ns.websecurenetworks.xyz() bka.stage.1940755.ns.websecurenetworks.xyz() aoa.stage.1940755.ns.websecurenetworks.xyz() qaa.stage.1940755.ns.websecurenetworks.xyz() tda.stage.1940755.ns.websecurenetworks.xyz() pda.stage.1940755.ns.websecurenetworks.xyz() hca.stage.1940755.ns.websecurenetworks.xyz() lda.stage.1940755.ns.websecurenetworks.xyz() aba.stage.1940755.ns.websecurenetworks.xyz() qda.stage.1940755.ns.websecurenetworks.xyz() lla.stage.1940755.ns.websecurenetworks.xyz() vha.stage.1940755.ns.websecurenetworks.xyz() dga.stage.1940755.ns.websecurenetworks.xyz() hea.stage.1940755.ns.websecurenetworks.xyz() hja.stage.1940755.ns.websecurenetworks.xyz() ula.stage.1940755.ns.websecurenetworks.xyz() afa.stage.1940755.ns.websecurenetworks.xyz() tfa.stage.1940755.ns.websecurenetworks.xyz()			2.0			ZeroCERT

50093	2020-11-24 11:43	clop2.exe 92d0ca02e6874926e5b5fe7cf7351d7b VirusTotal Malware malicious URLs WriteConsoleW					2.4		46	ZeroCERT

50094	2020-11-24 11:36	clop.exe 4dfb145cec1456cf6cf145f32f01ceff VirusTotal Malware Check memory unpack itself malicious URLs ComputerName DNS crashed					3.6		45	ZeroCERT

50095	2020-11-24 11:36	vbc2.exe 44150226048cd14567ce9874c0b549fc VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs WriteConsoleW Tofsee Windows Cryptographic key	3 Keyword trend analysis	2	1		8.8	M	27	ZeroCERT

50096	2020-11-24 11:28	vbc.exe 6804a885c77f6f5379cea37439f47eaf VirusTotal Malware DNS		2			3.4	M	54	ZeroCERT

50097	2020-11-24 11:28	svch.exe 2aa72d8ddee42fde91878cffe0ac139e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed	2 Keyword trend analysis	4	1		10.0	M	49	ZeroCERT

50098	2020-11-24 11:23	presh.exe 174928672b2339c57a6882125957e672 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows	2 Keyword trend analysis	4			10.0	M	45	ZeroCERT

50099	2020-11-24 11:20	Spoof_123.exe 48075a122eb84fc077fb80e59d3834ed VirusTotal Malware Check memory Checks debugger unpack itself ComputerName DNS					3.2	M	51	ZeroCERT

50100	2020-11-24 11:20	presh.exe 174928672b2339c57a6882125957e672 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs					8.0	M	45	ZeroCERT