Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
6046	2021-03-17 13:51	T6R.exe 88fee451ee8a4be3e5ac92ceea605d61 Malicious Packer Generic Malware VirusTotal Malware RWX flags setting unpack itself DNS					2.0	M	18	ZeroCERT

6047	2021-03-17 13:51	update.exe 01c615395a542dead29b178a9bc00894 VirusTotal Malware Buffer PE AutoRuns Code Injection Checks debugger buffers extracted unpack itself malicious URLs Windows					9.0	M	51	ZeroCERT

6048	2021-03-17 15:35	vbc.exe 1a4fc3cf283fdb42c7f67f2df8364286 Azorult .NET framework AsyncRAT backdoor VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName DNS Cryptographic key					10.6	M	20	ZeroCERT

6049	2021-03-17 15:39	vn.bin.exe a5528c63b2c1223f70ca02e7d9a2f6e8 browser info stealer Malicious Library Browser Info Stealer Malware download VirusTotal Malware Buffer PE Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs sandbox evasion WriteConsoleW Windows Browser ComputerName DNS		1	2		13.2	M	32	ZeroCERT

6050	2021-03-17 16:09	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6051	2021-03-17 16:10	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6052	2021-03-17 16:13	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6053	2021-03-17 16:16	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6054	2021-03-17 16:23	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6055	2021-03-17 16:24	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6056	2021-03-17 16:25	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6057	2021-03-17 16:29	win32.exe 17e61b65fec953907f49f99f757dd4ac VirusTotal Malware MachineGuid Check memory Checks debugger unpack itself malicious URLs					2.8	M	10	ZeroCERT

6058	2021-03-17 16:31	winlog.exe 5db87cb7c962ba04dd978d30cb01c246 FormBook Malware download VirusTotal Malware suspicious privilege Malicious Traffic Check memory Creates executable files unpack itself AppData folder malicious URLs sandbox evasion DNS	8 Keyword trend analysis Info http://www.botaniquecouture.com/nsag/?nt=3solHqD3xWFsPiOkiMb8ZxtvShu6k+bs5n8tAbp3gO4PLM7vhzh6xxFZXBBHvHdMHuTMMLyJ&3f=9r84q4yx http://www.botaniquecouture.com/nsag/ http://www.glowtheblog.com/nsag/?nt=HzZPNJQ8O4WE+bdm4vfaT6k2sBckkYigm/ImWf97pB6lZmCMtuvHJWo30XNbtj7YSTZJJE49&3f=9r84q4yx http://www.oasisbracelet.com/nsag/ - rule_id: 370 http://www.glowtheblog.com/nsag/ http://www.mistressofherdivinity.com/nsag/?nt=4H5+XAsX17t5i9bqNGjmVam9RdXQplhGCrWVGCPL7TSnyRXxkP5OCpmi44+txHN+I78jwTfj&3f=9r84q4yx http://www.oasisbracelet.com/nsag/?nt=X6jTNjBDiSL6TpbedZlH5jVf6UgVHRdaKJR1ltrC+bHekjCLhc2nJxvVQH1baaoFWgd9aMD6&3f=9r84q4yx - rule_id: 370 http://www.mistressofherdivinity.com/nsag/	18 Info www.translations.tools(192.0.78.24) www.glowtheblog.com(217.160.0.236) www.icepolo.com(91.195.241.137) www.creationsbyjamie.com(198.49.23.144) www.856380692.xyz(103.88.34.80) - mailcious www.usopencoverage.com(94.136.40.51) www.oasisbracelet.com(34.102.136.180) www.botaniquecouture.com(74.117.219.198) www.mistressofherdivinity.com(173.231.242.82) 91.195.241.137 - mailcious 198.49.23.145 - mailcious 173.231.242.82 103.88.34.80 - suspicious 34.102.136.180 - mailcious 74.117.219.199 192.0.78.24 - mailcious 217.160.0.236 94.136.40.51 - mailcious	1	2	7.4	M	25	ZeroCERT

6059	2021-03-17 16:36	1234.xlsx 8e8421aa37f5016fdadf7a5e8cb1aa24 unpack itself					1.2			guest

6060	2021-03-17 16:40	0a3b4f.css.ps1 5eecdc79578238864763f237a4bd8da7 Antivirus Check memory unpack itself malicious URLs					1.4			ZeroCERT

First
Previous
401
402
403
404
405
406
407
408
409
410
Next
Last
Total : 48,320cnts