Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
51106	2020-11-04 11:46	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware	1 Keyword trend analysis	2			1.0	M	18	guest

51107	2020-11-04 11:24	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	18	guest

51108	2020-11-04 11:18	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	18	guest

51109	2020-11-04 10:55	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest

51110	2020-11-04 10:04	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest

51111	2020-11-04 09:56	vbc2.exe c3625ccbd503205305fbee104c373165 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware suspicious privilege MachineGuid Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs installed browsers check Windows Browser Email ComputerName DNS Software		1			15.4	M	20	admin

51112	2020-11-04 09:51	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest

51113	2020-11-04 09:49	vbc.exe 8d03b9509b17ddc71d7420ef41396b82 Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself malicious URLs AntiVM_Disk VM Disk Size Check installed browsers check Windows Browser Email ComputerName Trojan DNS Software	1 Keyword trend analysis	2	10 Info ET MALWARE Trojan Generic - POST To gate.php with no referer ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET INFO HTTP POST Request to Suspicious *.ga Domain ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Fake 404 Response ET INFO DNS Query for Suspicious .ga Domain		15.6	M	49	admin

51114	2020-11-04 09:48	pre.hta e5346a6a7ec54d24dc706e9ed2f109fb suspicious privilege Check memory WMI unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName	1 Keyword trend analysis	2			4.6	M		admin

51115	2020-11-04 09:43	document.doc 926c7c3b1010b8599d883fd9caa04227 VirusTotal Malware Malicious Traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed Downloader	1 Keyword trend analysis	1	6 Info ET INFO Executable Download from dotted-quad Host ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M1 ET POLICY PE EXE or DLL Windows file download HTTP ET CURRENT_EVENTS Likely Evil EXE download from dotted Quad by MSXMLHTTP M2 ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response		5.2	M	28	admin

51116	2020-11-04 09:43	pre.hta e5346a6a7ec54d24dc706e9ed2f109fb crashed					0.6	M		admin

51117	2020-11-04 09:40	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest

51118	2020-11-04 09:37	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest

51119	2020-11-04 09:33	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest

51120	2020-11-04 09:32	msi.zip b7f761dd1023f9ce8fa7a3b53ebdd97a VirusTotal Malware					0.6	M	16	guest