Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
50311	2020-11-20 10:53	바이든 시대 북한 비핵화 협상의 또 하나암초 - 북한 ... c0c9b52ce51df46422e4fa14178beeec VirusTotal Malware Check memory unpack itself suspicious process malicious URLs Interception DNS	1 Keyword trend analysis	2		1	6.8	M	39	guest

50312	2020-11-20 10:51	바이든 시대 북한 비핵화 협상의 또 하나암초 - 북한 ... c0c9b52ce51df46422e4fa14178beeec VirusTotal Malware Check memory unpack itself suspicious process malicious URLs Interception	1 Keyword trend analysis	2		1	5.6	M	39	guest

50313	2020-11-20 10:37	bshotss.exe 81f02b601ffe1ee451cd6d9155082ff7 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs ComputerName DNS					3.8	M	35	admin

50314	2020-11-20 10:37	ashotss.exe 48a8882f81b465d8097e09725efa29d8 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs ComputerName					3.2	M	38	admin

50315	2020-11-20 07:59	https://tastelaspices.in/ccss/... 48a8882f81b465d8097e09725efa29d8 Dridex VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed		2	3		4.6			guest

50316	2020-11-19 15:46	WebBrowseHttp.exe c252603232987121f642be93e9e39348 Malware download Dridex TrickBot VirusTotal Malware suspicious privilege MachineGuid Code Injection buffers extracted RWX flags setting unpack itself suspicious process malicious URLs Tofsee Kovter ComputerName RCE DNS crashed	1 Keyword trend analysis	11	5 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) ET MALWARE ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex/Trickbot CnC) ET DROP Spamhaus DROP Listed Traffic Inbound group 17		11.6	M	13	guest

50317	2020-11-19 15:45	mcaceres.exe 547dc41c35d76c0d125ba2b6cfa32a1b VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName crashed					10.0	M	39	guest

50318	2020-11-19 15:31	openme.exe d6408ae6bf86b97eadfb3f15bbfd7933 Malware download Dridex TrickBot VirusTotal Malware suspicious privilege MachineGuid Code Injection Check memory buffers extracted RWX flags setting unpack itself suspicious process malicious URLs Tofsee Kovter ComputerName DNS crashed	1 Keyword trend analysis	11	4		11.0	M	13	guest

50319	2020-11-19 15:30	mcaceres.exe 547dc41c35d76c0d125ba2b6cfa32a1b VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Tor ComputerName crashed					11.2	M	39	guest

50320	2020-11-19 15:22	xgarnica.exe f99aac098866ce2427e8062b59b17559 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName crashed					10.0	M	33	guest

50321	2020-11-19 15:20	6jtrMMSZ9eiS.vbs 8538e375b4e1eb9387f1ad0c999481ca malicious URLs					0.8			guest

50322	2020-11-19 15:19	xgarnica.exe f99aac098866ce2427e8062b59b17559 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself malicious URLs					6.6	M	33	guest

50323	2020-11-19 15:19	6jtrMMSZ9eiS.vbs 8538e375b4e1eb9387f1ad0c999481ca malicious URLs					0.8			guest

50324	2020-11-19 15:15	whatisthisherefor.exe 735384bc0506a27f518e04f4124a591e VirusTotal Malware MachineGuid Code Injection Check memory WMI Creates executable files unpack itself Windows utilities malicious URLs WriteConsoleW Tofsee Windows ComputerName DNS crashed	7 Keyword trend analysis Info http://go.microsoft.com/fwlink/?LinkID=88340 http://www.msftncsi.com/ncsi.txt http://go.microsoft.com/fwlink/?LinkID=88339 http://go.microsoft.com/fwlink/?LinkID=88338 https://activation.sls.microsoft.com/slspc/SLActivate.asmx https://activation.sls.microsoft.com/slpkc/SLCertifyProduct.asmx https://activation.sls.microsoft.com/slrac/SLCertify.asmx	3	1		6.6	M	20	guest

50325	2020-11-19 15:14	upgrade.doc 346dc04c2c3627d3726c65f86ff495d0 Vulnerability VirusTotal Malware buffers extracted Creates executable files exploit crash unpack itself malicious URLs Windows Exploit crashed		2	3		6.2	M	21	guest