Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
5911	2021-03-12 16:27	4.exe f43ab0f92340b89c74af85b624672dbe VirusTotal Malware unpack itself Remote Code Execution					2.6	M	23	ZeroCERT

5912	2021-03-12 16:30	HDggVMlF.exe 6980f0a8333b9ebe6718c7142fc1b963 Gen Browser Info Stealer Malware download FTP Client Info Stealer Azorult VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency MachineGuid Malicious Traffic Check memory Creates executable files Collect installed applications AppData folder malicious URLs sandbox evasion anti-virtualization installed browsers check Ransomware Browser Email ComputerName Software	1 Keyword trend analysis	2	1		10.6	M	49	ZeroCERT

5913	2021-03-12 17:50	7.iops.exe 1f0d7f3144ba0d50374f61c941f5a94e Emotet Trickbot Gen VirusTotal Malware Checks debugger buffers extracted RWX flags setting unpack itself malicious URLs Remote Code Execution					4.0	M	23	ZeroCERT

5914	2021-03-12 17:55	6.exe c7c186bd2ebb1d33853f9e7c4cb8f4a4 Malicious Library VirusTotal Malware Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW IP Check VM Disk Size Check Windows ComputerName	1 Keyword trend analysis	3	1		8.4	M	18	ZeroCERT

5915	2021-03-12 18:15	2041131341.exe 526489ddbfd0d84e845ccd132cae5555 UltraVNC VirusTotal Malware PDB Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs suspicious TLD Tofsee Windows DNS Cryptographic key crashed	1 Keyword trend analysis	2	1		6.0	M	45	ZeroCERT

5916	2021-03-12 18:16	1370132254.exe 8ca675896f6c9ad9fe8deb1cc63bf8f5 Azorult .NET framework UltraVNC AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Malware Cryptocurrency wallets Cryptocurrency Buffer PE PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Collect installed applications Check virtual network interfaces AppData folder malicious URLs suspicious TLD installed browsers check Tofsee Ransomware Windows Browser ComputerName DNS Cryptographic key Software crashed	6 Keyword trend analysis	11	2		20.0	M	48	ZeroCERT

5917	2021-03-12 18:23	eve.exe dc7faccd6a090e655cfa865903b7a70b Azorult .NET framework VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself malicious URLs Tofsee Windows DNS	4 Keyword trend analysis Info http://go.microsoft.com/fwlink?linkid=30219&locale=ko-KR&clientType=VISTA_GAMES&clientVersion=6.1.2 http://edgedl.gvt1.com/edgedl/release2/update2/ALmnr7lDhOvozdF08iOk7Ks_1.3.36.72/GoogleUpdateSetup.exe https://update.googleapis.com/service/update2 https://update.googleapis.com/service/update2?cup2key=10:3707086078&cup2hreq=592b5a7ff2243112c27bdf312679deb8995ad1805b60657c9d1c3fddf67a8fb2	5	4		5.8	M	36	ZeroCERT

5918	2021-03-12 18:23	dxmanx.exe 01a67972d36112e1cc5b265e8606ddbd Azorult .NET framework ftp Client info stealer email stealer Win Trojan agentTesla browser Google Chrome User Data Download management Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware Buffer PE suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself malicious URLs Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed					14.2	M	44	ZeroCERT

5919	2021-03-12 18:34	invoice_34456.doc ae9c776e66bf63c33d3fcb228748eec3 Malware download VirusTotal Malware exploit crash unpack itself malicious URLs Windows Exploit crashed	1 Keyword trend analysis	4	3		4.0	M	30	ZeroCERT

5920	2021-03-12 18:35	IMG_105-10_60_85.pdf b47dd39109575e7b48e55f3e8d402a55 Azorult .NET framework ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs IP Check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed	2 Keyword trend analysis	4	4		17.0	M	40	ZeroCERT

5921	2021-03-12 18:40	m122.dll 8e3d3f90cb572121809d2945db6b02e6 Trickbot VirusTotal Malware Checks debugger unpack itself suspicious process Remote Code Execution					3.4	M	33	ZeroCERT

5922	2021-03-12 18:41	lurdx.exe 33f3a04aa01af912b83b4e82c6b9c12e ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data Download management AsyncRAT backdoor Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut unpack itself Disables Windows Security powershell.exe wrote Check virtual network interfaces suspicious process malicious URLs WriteConsoleW Ransomware Windows Browser Tor Email ComputerName Cryptographic key Software crashed keylogger	3 Keyword trend analysis Info http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-BB4F0127925FA3CC2062530FDF7A3934.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-5CE6D87A01BDFF577E36CDA694150723.html - rule_id: 361 http://liverpoolofcfanclub.com/liverpool-fc-news/features/steven-gerrard-liverpool-future-dalglish--goal-9C0C5071597064159707491C94EAD1DB.html - rule_id: 361	2		3	18.4	M	48	ZeroCERT

5923	2021-03-12 18:45	secure-viewer.jar 69194c7d702f9bf9fb8c500faafbbb88 VirusTotal Malware Check memory heapspray unpack itself Java					2.2	M	5	ZeroCERT

5924	2021-03-12 18:47	solution.iops.exe 1f0d7f3144ba0d50374f61c941f5a94e Emotet Trickbot Gen Dridex TrickBot VirusTotal Malware Report suspicious privilege Malicious Traffic Checks debugger buffers extracted RWX flags setting unpack itself Check virtual network interfaces malicious URLs Kovter ComputerName Remote Code Execution DNS crashed	1 Keyword trend analysis	10	5		9.2	M	23	ZeroCERT

5925	2021-03-12 18:57	856125340.exe 0e9b44989a3627976703bbe1e259cf62 AsyncRAT backdoor VirusTotal Malware Malicious Traffic Check memory Checks debugger unpack itself Check virtual network interfaces malicious URLs Tofsee Windows DNS Cryptographic key	1 Keyword trend analysis	2	1	1	4.8	M	50	ZeroCERT

First
Previous
391
392
393
394
395
396
397
398
399
400
Next
Last
Total : 48,320cnts