Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
5881	2021-03-11 16:01	svchost2.exe faca0df291612a0d24228dccf2665cd6 VirusTotal Malware unpack itself Remote Code Execution					2.8	M	40	ZeroCERT

5882	2021-03-11 16:03	svchostbt.exe 5c86689173047e2adeaf3ccc736dfa18 AsyncRAT backdoor VirusTotal Malware Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces AppData folder malicious URLs suspicious TLD Tofsee Windows DNS Cryptographic key crashed keylogger	1 Keyword trend analysis	3	1		15.0	M	50	ZeroCERT

5883	2021-03-11 16:05	taskmgr.exe 0c00628e4659a174ac78567b04be5925 AsyncRAT backdoor VirusTotal Malware Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs suspicious TLD Tofsee Windows Cryptographic key		2	1		3.6	M	31	ZeroCERT

5884	2021-03-11 16:08	start.exe 32f3be8697cbd7c40c05ee83318ae14c Generic Malware VirusTotal Malware unpack itself malicious URLs Remote Code Execution					3.2	M	56	r0d

5885	2021-03-11 16:58	svchost2.exe faca0df291612a0d24228dccf2665cd6 Raccoon Stealer VirusTotal Malware unpack itself Remote Code Execution					2.8	M	40	r0d

5886	2021-03-11 17:01	unn.exe 292a365f27f0f77a74095d3f742556ad AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows DNS Cryptographic key					8.6	M	39	ZeroCERT

5887	2021-03-11 17:02	vpn.exe bfa73924b899f92e96db3cc24d24c325 Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check Windows		1			6.6	M	31	ZeroCERT

5888	2021-03-11 17:08	unn.exe 292a365f27f0f77a74095d3f742556ad AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key					8.0	M	39	ZeroCERT

5889	2021-03-11 17:09	win.exe 8c3009160696f9bcc8f340e1911e7979 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows ComputerName DNS Cryptographic key crashed					10.4		20	ZeroCERT

5890	2021-03-11 18:19	x2-29.exe 47486e0de47de739d0e5ecbf427237e6 Azorult .NET framework VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Windows Cryptographic key					7.8		23	ZeroCERT

5891	2021-03-11 18:20	ximw.exe 4ed06835dd64287ea65dbd0f16d164f7 UltraVNC VirusTotal Malware PDB Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Check virtual network interfaces malicious URLs suspicious TLD Tofsee Windows DNS Cryptographic key crashed	1 Keyword trend analysis	3	1		11.0	M	51	ZeroCERT

5892	2021-03-11 18:29	44265.9599178241.dat 39c4c83a789474b9f1d981164eded0bd Gen PDB unpack itself					0.6	M		ZeroCERT

5893	2021-03-11 18:39	Invoice Payment copy.doc 3e4e34b21912166567f635d4075aef66 FormBook Malware download VirusTotal Malware Malicious Traffic buffers extracted ICMP traffic exploit crash unpack itself malicious URLs Windows Exploit DNS crashed	7 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-FE8249C519BA3A926302587537C8B85A.html - rule_id: 361 http://www.shipinchewang.com/cds/?D81d=uzYdjKvpRY5ZeAUrmXTExQWQi4nVo+a5YZH7hAOHOo7GKtajY+tnRzEjFHYmg31yanNEGCjb&uTuD=Apd0bH http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-A84DA9D977B80442F94EEA4F1E363DE4.html - rule_id: 361 http://www.bershiren.com/cds/?D81d=sHu7p9sOaA6ZTdu4TVgbOXTLmT+/Bc488pRg24PyTY8Z2DkBTLuda84lygaeGo4zLfUw5H4p&uTuD=Apd0bH http://www.cundiffcopywriting.com/cds/?D81d=QtklG59ObyWm8OBKuw/czHKR/ps47Brr6TGw9d9/K0DOaU07TAQQwelPNOsxq5IU1A0ks92u&uTuD=Apd0bH http://mamax.tk/directory/ricardox.exe http://www.carsonradio.com/cds/?D81d=lh6pCaVh0noKYbOYMDQjuOuS4BUw2EmjnXVp8KPC5tf2NV1J9hhZjX+3zl2wX/KkSDYk/Eng&uTuD=Apd0bH	12 Info www.shipinchewang.com(103.206.123.50) www.bershiren.com(209.99.64.55) liverpoolofcfanclub.com(172.67.174.240) - mailcious www.cundiffcopywriting.com(198.49.23.144) mamax.tk(45.84.196.197) www.carsonradio.com(164.155.145.220) 104.21.31.39 - mailcious 209.99.64.55 - suspicious 198.49.23.145 - mailcious 103.206.123.50 164.155.145.220 45.84.196.197	5	2	5.8	M	28	ZeroCERT

5894	2021-03-11 18:39	EMAIL_ARCHIVES.exe 1138824128271601d66b340612f8852a AsyncRAT backdoor VirusTotal Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW anti-virtualization Windows ComputerName DNS Cryptographic key crashed					11.6		19	ZeroCERT

5895	2021-03-11 18:50	IMG-521000400034_AF30004.exe 8aab6881d976ecdd6571a2ac4ed11af0 Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself Windows DNS Cryptographic key crashed					4.0		20	ZeroCERT

First
Previous
391
392
393
394
395
396
397
398
399
400
Next
Last
Total : 48,320cnts