Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
50221	2020-11-19 15:45	mcaceres.exe 547dc41c35d76c0d125ba2b6cfa32a1b VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName crashed					10.0	M	39	guest

50222	2020-11-19 15:31	openme.exe d6408ae6bf86b97eadfb3f15bbfd7933 Malware download Dridex TrickBot VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory buffers extracted RWX flags setting unpack itself suspicious process malicious URLs Tofsee Kovter ComputerName DNS crashed	1 Keyword trend analysis	11	4		11.0	M	13	guest

50223	2020-11-19 15:30	mcaceres.exe 547dc41c35d76c0d125ba2b6cfa32a1b VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName crashed					11.2	M	39	guest

50224	2020-11-19 15:22	xgarnica.exe f99aac098866ce2427e8062b59b17559 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName crashed					10.0	M	33	guest

50225	2020-11-19 15:20	6jtrMMSZ9eiS.vbs 8538e375b4e1eb9387f1ad0c999481ca malicious URLs					0.8			guest

50226	2020-11-19 15:19	xgarnica.exe f99aac098866ce2427e8062b59b17559 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs					6.6	M	33	guest

50227	2020-11-19 15:19	6jtrMMSZ9eiS.vbs 8538e375b4e1eb9387f1ad0c999481ca malicious URLs					0.8			guest

50228	2020-11-19 15:15	whatisthisherefor.exe 735384bc0506a27f518e04f4124a591e VirusTotal Malware MachineGuid Code Injection Check memory WMI Creates executable files unpack itself Windows utilities malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS crashed	7 Keyword trend analysis Info http://go.microsoft.com/fwlink/?LinkID=88340 http://www.msftncsi.com/ncsi.txt http://go.microsoft.com/fwlink/?LinkID=88339 http://go.microsoft.com/fwlink/?LinkID=88338 https://activation.sls.microsoft.com/slspc/SLActivate.asmx https://activation.sls.microsoft.com/slpkc/SLCertifyProduct.asmx https://activation.sls.microsoft.com/slrac/SLCertify.asmx	3	1		6.6	M	20	guest

50229	2020-11-19 15:14	upgrade.doc 346dc04c2c3627d3726c65f86ff495d0 Vulnerability VirusTotal Malware buffers extracted Creates executable files exploit crash unpack itself malicious URLs Windows Exploit crashed		2	3		6.2	M	21	guest

50230	2020-11-19 13:49	sftp.exe 79f226cec7d09ef5c2b96e1870651324 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs Windows DNS Cryptographic key DDNS crashed		2	2		14.8	M	50	guest

50231	2020-11-19 13:46	r.exe a5b4252c8bac59ad90a543ec1f2e4a7a VirusTotal Malware Check memory Checks debugger unpack itself					2.0	M	50	guest

50232	2020-11-19 13:26	lol.exe aa938dc5d017dd009fe1649e61380c86 VirusTotal Malware suspicious privilege Code Injection Check memory WMI Creates executable files Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName crashed					7.0	M	17	guest

50233	2020-11-19 13:25	lolv2.exe db850f73090ae8108522466650c1d9ae VirusTotal Malware Creates executable files Windows utilities WriteConsoleW Windows					3.4	M	20	guest

50234	2020-11-19 10:22	IT4l74TKgSA7p92.exe ab2997f06c883b00764bcdae89b8b2d6 VirusTotal Malware suspicious privilege Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName crashed					9.2	M	22	ZeroCERT

50235	2020-11-19 10:09	formbook.exe bc1b1f3d1f8ffb3494f9d5b74c0294fd VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself					2.8	M	30	ZeroCERT