Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
50641	2020-11-16 13:00	asdf.EXE 5e1076d2b7b7ba138f08174d602bc167 VirusTotal Malware RWX flags setting unpack itself Windows crashed					3.2	M	57	admin

50642	2020-11-16 09:55	asdf.EXE 5e1076d2b7b7ba138f08174d602bc167 VirusTotal Malware RWX flags setting unpack itself Windows crashed					3.2		49	admin

50643	2020-11-16 08:53	bd2ac88b645f9a64_windows[1].ms... b10818a90e3ff2f35dd2d6cd1be5386b VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself malicious URLs AntiVM_Disk VM Disk Size Check ComputerName					3.6	M	31	guest

50644	2020-11-16 08:40	http://45.129.2.137/windows.ms... b10818a90e3ff2f35dd2d6cd1be5386b Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed	1 Keyword trend analysis	2	3		5.6		31	guest

50645	2020-11-16 08:28	http://kalpvedafoundation.com/... 0f2f74c12a0c35894841633c4a274c7a VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities Windows Exploit DNS crashed	1 Keyword trend analysis	4	1		4.6			guest

50646	2020-11-16 07:50	rover.exe 0ddc29dca8aa48dda5519a00663a9d7e VirusTotal Malware unpack itself RCE					2.2	M	22	admin

50647	2020-11-15 21:45	rover.exe 0ddc29dca8aa48dda5519a00663a9d7e unpack itself RCE					1.4			admin

50648	2020-11-15 21:43	lm.exe 2fb76b187bffd19e03ef8a9a75af7966 VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName RCE DNS		3			7.6	M	6	admin

50649	2020-11-15 21:35	lm.exe 2fb76b187bffd19e03ef8a9a75af7966 VirusTotal Malware AutoRuns PDB Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows ComputerName RCE		2			7.0		6	admin

50650	2020-11-15 19:58	http://143.92.57.83:8080/o.bat 06d6852d600ec97cef029357ef06c949 Dridex VirusTotal Malware Code Injection Malicious Traffic Creates executable files RWX flags setting exploit crash unpack itself Windows utilities AppData folder malicious URLs Tofsee Windows Exploit DNS crashed		2	6 Info SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) ET INFO TLS Handshake Failure ET JA3 Hash - Possible Malware - Unknown traffic associated with Dridex ET POLICY PE EXE or DLL Windows file download HTTP ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response ET INFO EXE - Served Attached HTTP		6.4	M	27	guest

50651	2020-11-15 17:47	crss.exe d8bb039f1f1d49caee5018e499583342 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					8.2	M	20	admin

50652	2020-11-15 17:38	crss.exe d8bb039f1f1d49caee5018e499583342 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key					10.0	M	20	guest

50653	2020-11-15 12:58	5.exe f139bcd08ad8da406f7dd25411d1c9b3 VirusTotal Malware unpack itself malicious URLs					2.8	M	60	admin

50654	2020-11-15 10:00	DTLEP.exe e8d11537236c3439c2c8dda29dfc9a48 VirusTotal Malware AutoRuns Check memory unpack itself Windows RCE crashed keylogger					4.6	M	19	guest

50655	2020-11-15 09:48	IntelHAXM.exe 730113ba879c7bee746edb199f9403b7 VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs					2.8		50	guest