Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
5791	2021-03-09 16:28	VmymIr84VZb2itf.exe c0790b6907fbeef1f3772242731069d1 Azorult .NET framework VirusTotal Malware Check memory Checks debugger unpack itself malicious URLs Windows DNS Cryptographic key					3.6	M	24	guest

5792	2021-03-09 16:31	This.exe c49dd8107b3624f824efe4f88cb3f792 FindFirstVolume CryptGenKey Process Kill VirusTotal Cryptocurrency Miner Malware Cryptocurrency AutoRuns Check memory Checks debugger unpack itself Windows utilities suspicious process malicious URLs sandbox evasion WriteConsoleW Windows Browser ComputerName DNS		1			9.0	M	52	guest

5793	2021-03-09 16:37	win32.exe 6f0479fecc84863e671ae73fadb1d91c VirusTotal Malware PDB unpack itself Windows Remote Code Execution DNS crashed					3.8	M	41	guest

5794	2021-03-09 16:39	winlog.exe b70b9db72b2ca57bc40cf423502e25ee FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files ICMP traffic unpack itself AppData folder malicious URLs sandbox evasion ComputerName	24 Keyword trend analysis Info http://www.yzhxnhcl.com/smd0/?iB9=k3TllRAvr5OtQUY+nMpSaqyzbjiURRVW/k5VwoEAlmeua29KJafZx4NoeuinLMD5CPQd2de0&lH18=VTRPbxNpZJSHZD http://www.anaffordablehand.com/smd0/?iB9=inuBuTf/fLTP6L8UweQf9uXa+UJ2K3Fk/5bm1vZWmg2qzrg50JfTOYaWcZugy5BpBq8XsNUF&lH18=VTRPbxNpZJSHZD http://www.classtoshop.com/smd0/?iB9=5Rb+8ZQiDHH9+wx5aTS1K3PV2fWUECtpeZ/oSRZRwjBFbHfVn6G5RVWQmMoEAHPAbEtvMSSQ&lH18=VTRPbxNpZJSHZD http://www.sachatco.com/smd0/?iB9=woMX8F4wNCY7+Wt/mmlnHE6MJ6944slQEs6ArHb+iOC3qKS/a+htGY+rbiHJ1p2k9yZYILjh&lH18=VTRPbxNpZJSHZD http://www.scamregister.net/smd0/?iB9=UaLR7GyefzIhysespKehGuNFZB+29zKaMEIqWZbX3h2mogJjrxRZ2Dgp7JHKMVqkIoRVOLgT&lH18=VTRPbxNpZJSHZD http://www.stellarbookkeeping.com/smd0/ http://www.rumahmadu99.info/smd0/?iB9=qXoP2RJMRCK3rW0hAwFrIYdpt1xkmYbp86QG06cgF5ncbymE6n6Kkxf/5QZ0ZXcPUmBC0xPI&lH18=VTRPbxNpZJSHZD http://www.blackloveapparel2020.com/smd0/?iB9=s9r6Qr8S14mPNw4ooaw5kH2N4QA0oAVuuu/NxF5g2JYmdYQ2R4m2GUq1St/vlb0vu+FYFIJJ&lH18=VTRPbxNpZJSHZD http://www.classtoshop.com/smd0/ http://www.stellarbookkeeping.com/smd0/?iB9=qKAvPN8GRxjTUGbYok3GF23v8sJH4WnOStud3UluPKIdHj57CTp5vYr2EhhgUd0soBU4s7dW&lH18=VTRPbxNpZJSHZD http://www.blackloveapparel2020.com/smd0/ http://www.slimproxy.com/smd0/?iB9=iWbSppuimIyokxW1eiLPfphhgkQ2SXNm4uFFvKUmx027aKARaNW+pS+X1lPGoZDgWan1yHBu&lH18=VTRPbxNpZJSHZD http://www.whatsbanking.com/smd0/ http://www.legendaryrelics.com/smd0/?iB9=rIQCq794CnyDwVjSH4p0QAmLdr9zq7aGG5gebZ71dN2N3Nii+D18DFv7mSLHtqRqif8E9GPL&lH18=VTRPbxNpZJSHZD http://www.legendaryrelics.com/smd0/ http://www.sachatco.com/smd0/ http://www.scamregister.net/smd0/ http://www.rumahmadu99.info/smd0/ http://www.hikayemedya.com/smd0/?iB9=GOmwBBTkN+4Rw04hXmNjyqcLvSsgQS1p0LkYyDLRUFzBiGCdWpAuZHWozxzGfk8WgE6AjVgS&lH18=VTRPbxNpZJSHZD http://www.yzhxnhcl.com/smd0/ http://www.whatsbanking.com/smd0/?iB9=Rtx4AnT4DdcL+dY/LPBlAgSoR5YMmpASIHwDekHrgZTiAuGnJvUi6HQFLgay33zoKjNu1vEV&lH18=VTRPbxNpZJSHZD http://www.anaffordablehand.com/smd0/ http://www.hikayemedya.com/smd0/ http://www.slimproxy.com/smd0/	26 Info www.anaffordablehand.com(216.239.34.21) www.blackloveapparel2020.com(23.227.38.74) www.legendaryrelics.com(172.217.161.51) www.sachatco.com(198.49.23.144) www.mysticalpalmist.com() www.classtoshop.com(75.2.124.199) www.whatsbanking.com(3.223.115.185) www.stellarbookkeeping.com(69.163.225.40) www.hikayemedya.com(184.168.131.241) www.scamregister.net(34.102.136.180) www.slimproxy.com(104.223.213.141) www.rumahmadu99.info(178.128.48.21) www.yzhxnhcl.com(34.102.136.180) www.startzassets.com() www.justsomerandomthoughts.com() 172.217.161.51 3.223.115.185 - mailcious 184.168.131.241 - mailcious 216.239.32.21 - mailcious 34.102.136.180 - mailcious 69.163.225.40 104.223.213.141 - malware 75.2.73.220 23.227.38.74 - mailcious 198.185.159.144 - mailcious 178.128.48.21	1		7.0	M	31	guest

5795	2021-03-09 17:01	xloa.exe 7af8b7bc89ddadfaea70fa5ae5be4ffa AsyncRAT backdoor Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key					7.6		14	guest

5796	2021-03-09 17:03	xloa.exe 7af8b7bc89ddadfaea70fa5ae5be4ffa AsyncRAT backdoor Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key					8.2		14	guest

5797	2021-03-09 18:17	bobox.exe b180f2a24d5dc06cac7012b78c467d1e email stealer Download management info stealer Antivirus Google Chrome User Data browser Win Trojan agentTesla AsyncRAT backdoor ftp Client VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName Cryptographic key crashed	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8CD82D0342D740A849EDB3CF376DC9E0.html http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-A7626AB2E55D65F8A60E268E24EFC7D5.html http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-D09875ECB32701709B40B53A5F5953C6.html	2			14.4		11	guest

5798	2021-03-09 18:18	dutchx.exe 942bb7359a82d93090b8f7dc50863e1f email stealer Download management info stealer Antivirus Google Chrome User Data browser Win Trojan agentTesla AsyncRAT backdoor ftp Client VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Ransomware Windows Tor ComputerName DNS Cryptographic key crashed	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-1FD9AB8199480BC3A994BAEC9A1FE86D.html http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-99D6EFA54D3D5DEB8302F76F6EFCBC2F.html http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-743470EADC8F6DFF9E8B4425C8B9F75A.html	2			15.4		9	guest

5799	2021-03-09 18:30	fushowx.exe d0a55dc67d9242c250f810db5064ddbf Antivirus AsyncRAT backdoor Browser Info Stealer LokiBot Malware download FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware c&c powershell suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW installed browsers check Windows Browser Email ComputerName Cryptographic key Software crashed	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-F0C57E7F0992E9869D56B6A454993147.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-923C431637A0113E5F0A2FAD0D1A4D74.html - rule_id: 361 http://becharnise.ir/fb9/fre.php	4	7 Info ET MALWARE LokiBot User-Agent (Charon/Inferno) ET MALWARE LokiBot Checkin ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 ET MALWARE LokiBot Request for C2 Commands Detected M1 ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2 ET MALWARE LokiBot Request for C2 Commands Detected M2 ET MALWARE LokiBot Fake 404 Response	2	15.4	M	9	guest

5800	2021-03-09 18:32	kdotx.exe 0d7a0f2c3d3f21afbdd069cb96031358 email stealer Download management info stealer Antivirus Google Chrome User Data browser Win Trojan agentTesla AsyncRAT backdoor ftp Client Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName DNS Cryptographic key Software crashed keylogger	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-3C4394DAC145C3617CA1A5965A453391.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-46D5B114EA8720234F10AE8FA92F9E75.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-26BCE99198F0A20DD0DDD6BB04366822.html - rule_id: 361	2		3	17.6	M	9	ZeroCERT

5801	2021-03-09 18:34	majicmanx.exe db24615ec3585578664b5daf0a9404c4 Antivirus AsyncRAT backdoor VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows ComputerName Cryptographic key crashed	2 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-D4BE4404B06722C522BA515E8F104E67.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-276D85D8ABC61D8ADEFCB57C5AA3C601.html - rule_id: 361	2		2	12.6	M	12	ZeroCERT

5802	2021-03-10 09:41	massloga.exe f8d6a59b9140fb6af43ae918a7eeb246 AsyncRAT backdoor VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs DNS	1 Keyword trend analysis	3		1	4.6	M	13	guest

5803	2021-03-10 09:43	odinakax.exe 77a89bdddb7839de0ef5ba315e34a0d9 email stealer Download management info stealer Antivirus Google Chrome User Data browser Win Trojan agentTesla AsyncRAT backdoor ftp Client Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed keylogger	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-8915976252B97B6CDA1DDC2EF0C139A9.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-EE6AC980AA6B3D18C7AED5EF9A753686.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-9A43BF39662C71F1093E75A40995EE5A.html - rule_id: 361	2		3	16.8	M	22	guest

5804	2021-03-10 12:19	oneandone.exe eedbd28ff032dc43367c03e90ab06c61 AsyncRAT backdoor VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces	1 Keyword trend analysis	2		1	2.2	M	17	guest

5805	2021-03-10 12:21	originfile.exe b8125cfe738d72357518509d29049184 Antivirus AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Windows Browser Email ComputerName DNS Cryptographic key Software crashed keylogger	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-CFAEA83636915856E27F4AED269D6D0A.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-A1345713CA2FB7D00C1AD8239E6B1FB4.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-BF38162F7E70FD7F47291334F8D4D43E.html - rule_id: 361	2		3	17.4	M	23	guest

First
Previous
381
382
383
384
385
386
387
388
389
390
Next
Last
Total : 48,320cnts