Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
50131	2020-11-22 14:44	stub.exe 0e246d7813b9ea04cac28802062a3ddd Browser Info Stealer Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Stealer Browser	3 Keyword trend analysis	4	2	1	5.2	M	52	ZeroCERT

50132	2020-11-22 14:35	POT.exe 51665d04b5fc3289e64ebb819e29e798 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed					4.0	M	22	ZeroCERT

50133	2020-11-22 14:34	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS					8.6	M	43	ZeroCERT

50134	2020-11-22 14:31	phy__1__31629__2649094674__160... 6bcfa9f7cff3724c68ab9d9a5a7cfa61 VirusTotal Malware Check memory ICMP traffic unpack itself malicious URLs IP Check RCE DNS	1 Keyword trend analysis	3	1		6.4	M	37	ZeroCERT

50135	2020-11-22 14:31	light.exe 020bc13012ce4db6e204cb1ed174851e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					10.2	M	49	ZeroCERT

50136	2020-11-21 18:09	fcberhy.exe f8ff17fc416136341f7dcc497b2a1e0a Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Ransomware Browser Email ComputerName Software crashed		2	2		14.2	M	58	ZeroCERT

50137	2020-11-21 18:07	ds2.exe 4cf8df527881a65164126227878a5935 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote suspicious process malicious URLs Windows ComputerName DNS Cryptographic key					12.4	M	46	ZeroCERT

50138	2020-11-21 18:07	Ubnccbruoun7.exe 9635d5d0882e7ecd9234af3bfd2efa89 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key		1			10.4	M	50	ZeroCERT

50139	2020-11-21 18:02	topo.exe b0142b51242c66a94498ff06772f0f72 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed	2 Keyword trend analysis	4	1		12.0	M	51	ZeroCERT

50140	2020-11-21 18:01	tl2gnGyMz6eLhZG.exe a69d92ca36316018b8f7b2daf8de9980 VirusTotal Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					8.8	M	22	ZeroCERT

50141	2020-11-21 17:54	SK-01068.exe 57cdf27894584678159ff08d2d19061c VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Ransomware Windows Tor ComputerName Cryptographic key crashed					14.8	M	52	ZeroCERT

50142	2020-11-21 17:53	stub.exe 0e246d7813b9ea04cac28802062a3ddd Browser Info Stealer Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Stealer Browser	2 Keyword trend analysis	4	2		5.2	M	50	ZeroCERT

50143	2020-11-21 17:41	rc.exe 1a328017740757e16cb7ac98df27e043 Emotet VirusTotal Malware Buffer PE AutoRuns Code Injection Malicious Traffic buffers extracted Creates executable files RWX flags setting unpack itself Windows utilities suspicious process AppData folder malicious URLs Tofsee Interception Windows DNS	1 Keyword trend analysis	9	1		16.6	M	47	ZeroCERT

50144	2020-11-21 17:40	QulLipWrkCCy1E8.exe f04af9c18007f88f35490215ae8198a7 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW installed browsers check Windows Browser Email ComputerName DNS Software		1			17.2	M	23	ZeroCERT

50145	2020-11-21 17:34	ozchgftrq.exe d7a52acd99d213cdeb1f91ed193868d0 Browser Info Stealer Malware download Vidar VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files ICMP traffic unpack itself Windows utilities Collect installed applications suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW anti-virtualization VM Disk Size Check installed browsers check OskiStealer Stealer Windows Browser Email ComputerName	8 Keyword trend analysis	2	4		18.8	M	50	ZeroCERT