Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
50416	2020-11-22 15:31	M0021.cab 4a6a30db71e78ff73d46d8d999f51098					0.4			ZeroCERT

50417	2020-11-22 15:03	vHJ9aMdbRpFATd3.exe 526f579a895b5294709684a3f48a6704 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS		1			13.4	M	38	ZeroCERT

50418	2020-11-22 15:02	zxcv.EXE 82a0a0bd6084c5a28081310e75e7f608 VirusTotal Malware RWX flags setting unpack itself Windows DNS crashed					3.8	M	58	ZeroCERT

50419	2020-11-22 14:58	vHJ9aMdbRpFATd3.exe 526f579a895b5294709684a3f48a6704 VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs WriteConsoleW Windows ComputerName DNS		1			13.4	M	38	ZeroCERT

50420	2020-11-22 14:58	vbc3.exe bf75ed61e1b1f7b310ec1d999077c4dd VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger unpack itself malicious URLs	10 Keyword trend analysis Info http://www.qzrpxx.com/o56q/?AdpLIhj=P2eb/knzekVWtTLKqAP1FhOrr8Fv7hbpHOs/hGmiCsR6+dL7XpK3jSWWK4y62PvCwZCP1G7u&EZ442V=IdnTot2PhnQT http://www.kamisbet.com/o56q/?AdpLIhj=VKLKGhk3Pe2OjeCfLw6g1+470HcCMM4KU97S7s7eStMeb/8KEmVIsOCWQTjbYjSr+CVdjHnL&EZ442V=IdnTot2PhnQT http://www.natcandy.com/o56q/ http://www.natcandy.com/o56q/?AdpLIhj=txyYMtCLm6ubKNHi3qYYn+5SCVWoTymC4Fy9/8gvc5WTXTsch9hYV90QltEHWjVeSRlmmpSg&EZ442V=IdnTot2PhnQT http://www.qzrpxx.com/o56q/ http://www.teelinkz.com/o56q/?AdpLIhj=kNK7qyUppsx1QRLwDQjm/XfEOCgL/rCBvS1q+B2CMQED5QxzM1Z/xLEIYMidk8SKLw+i55Nq&EZ442V=IdnTot2PhnQT http://www.kamisbet.com/o56q/ http://www.620harbourdrive.com/o56q/ http://www.teelinkz.com/o56q/ http://www.620harbourdrive.com/o56q/?AdpLIhj=oBhdXTojpWNHoEp6WHKMn+PMMmogcfgwxJ2vT9od1Z59LPoNEbYBbxB/kh93ERTUpLr6YngX&EZ442V=IdnTot2PhnQT	12 Info www.sz360buy.com(160.122.148.234) www.teelinkz.com(34.102.136.180) www.620harbourdrive.com(184.168.131.241) www.natcandy.com(198.54.117.212) www.qzrpxx.com(47.91.170.148) www.kamisbet.com(104.31.91.19) 198.54.117.218 - suspicious 172.67.219.144 34.102.136.180 - suspicious 184.168.131.241 - suspicious 47.91.170.148 160.122.148.234			6.8	M	22	ZeroCERT

50421	2020-11-22 14:55	vbc2.exe 3d549885e44863c57f59eab47f2271cc VirusTotal Malware Code Injection buffers extracted unpack itself sandbox evasion DNS crashed					6.6	M	44	ZeroCERT

50422	2020-11-22 14:54	vbc.exe 0daef62b8a4b65f7ce2021e21941e32e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs IP Check Tofsee Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed	2 Keyword trend analysis	4	1		12.4	M	49	ZeroCERT

50423	2020-11-22 14:52	vbc2.exe 3d549885e44863c57f59eab47f2271cc VirusTotal Malware Code Injection buffers extracted unpack itself sandbox evasion crashed					6.0	M	44	ZeroCERT

50424	2020-11-22 14:46	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities malicious URLs Windows	2 Keyword trend analysis	4			10.0	M	43	ZeroCERT

50425	2020-11-22 14:44	stub.exe 0e246d7813b9ea04cac28802062a3ddd Browser Info Stealer Malware download VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs IP Check Stealer Browser	3 Keyword trend analysis	4	2	1	5.2	M	52	ZeroCERT

50426	2020-11-22 14:35	POT.exe 51665d04b5fc3289e64ebb819e29e798 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed					4.0	M	22	ZeroCERT

50427	2020-11-22 14:34	pp.exe bb30a5dd4130b071fb4ca5f005371c63 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs DNS					8.6	M	43	ZeroCERT

50428	2020-11-22 14:31	phy__1__31629__2649094674__160... 6bcfa9f7cff3724c68ab9d9a5a7cfa61 VirusTotal Malware Check memory ICMP traffic unpack itself malicious URLs IP Check RCE DNS	1 Keyword trend analysis	3	1		6.4	M	37	ZeroCERT

50429	2020-11-22 14:31	light.exe 020bc13012ce4db6e204cb1ed174851e Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware AutoRuns suspicious privilege Check memory Checks debugger unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					10.2	M	49	ZeroCERT

50430	2020-11-21 18:09	fcberhy.exe f8ff17fc416136341f7dcc497b2a1e0a Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Code Injection Malicious Traffic Check memory buffers extracted Creates executable files unpack itself Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Ransomware Browser Email ComputerName Software crashed		2	2		14.2	M	58	ZeroCERT