Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1141	2020-07-29 23:38	invoice_25225.doc 994c751f8ecc657be98920365929f4cf Vulnerability VirusTotal Malware buffers extracted exploit crash unpack itself Exploit DNS crashed	1 Keyword trend analysis Info http://www.reallylong.link/rll/x0ujLn/Ac7Ov1og34qTvUTmtYZwI3VnZMmA9xnQoL2nw8LVl3ki04m7tRILnEIjlORRzLGSancoeZn6hbRixtdQL9bcDTKZQA6CQQDALvBuwo9x/oLm0ZWJU_ZTaxcjKvXRFzkzXI/36kYcrIDgZH145JEBfp6G8r9KAnnNapt9rU8lQykyp4FmAQ131SV6nI1s_WYqP4oumrMLYHXs0j4ej5poLtrjnr72LBSdNRSlMOAsDVGzbNn9NbaHJL1SQYeGeLT91ENx4SRpwbn0ITNP3MvpczN5Eq8tUAHiRj41hdW5HBTZL/BULQCfC9R_mE1lFAX3SK8SHuuItE_VyI5b7X_yq0n2cqQmxbVDn5iuo5xvPKSz5HCJt11FN_HmFS_I71IHj1hlkKXTjqTJ6UuupzTU8eRqnVWbWD2ivr8P98JMo9w41sSdDQab71_VhuhiOd8Yg9g9BfKl1X8G8iHjkVtSX6_5WdBi/FiLKw/LM296LW9ryDevgg99uEY77_w2Rls5P5QOrURwSUglG0eR23dgPKx90iJxjeBrJAtt7mXoZYb2v9NWWLvyMeqznGC9eOcpgAGJXbYADKpVH59SUaMX8Aq5TMf0BwlOLtvKbnG4iH73P_0vIgmR3/scMp2UfTuzJZ6Nn24Qxw6t0ajTxQ9SM94Yv1Xg7ebnUgCnALpGwd9O1cwcFT51tgFq6Cj5b1BO9uKHV7raurtdbRMRBvi5/i0OW5ZpHZjs5EuezR5DygO0JQBGudqLZopLvyczEbZo/GDp9DoSXTT965KSCg2AEniv1yDPvw9lG3mrrSi1Ng7U7VnqQ/RhH_eWlvNz7DQAt8mXnZc5fWiCenIzyw3UiLLb34IEa42p_qqAp9xKkLOnJAvB8fkOWyFGteP4xXzmmRevXOBAp3Eeua_78OiDfclnAXcfw9KstzBi/vuK4pUJAHWYu04kDYHnmJz15VKq6_0RcNttZ4r5ZUiSgfWx5l7MiQpxBsc2BpVgBSiw/HboDLeL_A0CvetpRYcU4G8LHGd5HXzXUvAoqVCY/o02GgDd3h3dUDGehgf5LrHBru6aQiHioIl6q/a5N4_oLHKQ3kDicHLxDWqNiuYL_H20szYSIveqY1i3WfoZJCkvf9v2LgbyDMgueyGbeWKa3Kob8QYs3eVVRFSBBwnRKNGsCyDvUbG_QU3dKguW7qevFOXkQYpy79vpU2eZKyarQWxLDFlTRWTG_nL8ZYysqcI3gdgjZcPNj/bg87MtA/LzLumQrcDBdt_2CCPRoI9V3d9nrt3QMCCjxM3JtgPWYFGyxPeroCvMc4lh5w8oshciWfO269SNYUMZj4xquhO_gqKsZ7xnEIZpzKPf8NHmzrmXautjW8d_ZCE6HAuWrIrIR5IyTxxrQQrsurQwDJ2YuDMNdcMdIbhkR9yLHT4gEeaVu6zT3OHBkV3qD4AkMTlBmUcfK/W96Yk3yiSW_kUWTnpmDovWNJ8_n_CQzEgHaHNIbworup3i4I0KNfFTdWuRRoJaw4tlsCNPpmfoCjCKo9mguCBAX_CdgouO_8L4dGqbUvVvfNnwrwWyTQqSUQIDTWam_RmGILb80Gs/8IzX3Fa8rgWWFbFX8/fa396nkk3Yj6QtiLo2egR5opzB9QixP_eh7mBNYA3LTrFG2H8CbWceBjc_VJ1A80gwPbtIBrfVoSZAXD3IiLO6NeUuzpWaKC19qAZ0nZkptsEARpS7/zL8KJrr95SCKOH_vj/OYSE2zrQCudU1PX1zScSyAuCsr__ZCDTd5D6z9OG4/pmTdjVLsI0H7p71AT9Wmjxp8GtTlHQ_aZSEZtzVOSoI3BbXtDrbEW88o60CjGCu8bKr/wjqKO63QGiA/5ETdMBaaERRUl9giYK7/d0_zSESiSc1_AOAP7iN3NpC7YeEy9bnFrHCkFWBSo0NUXMu/opY3uB8xxDVCBAw6e3uaYTbVS5j	1			5.0		23

1142	2020-07-29 23:40	tpriv.ps1 422390f87f4c83bb435dfeaa0db7bd9b VirusTotal Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory buffers extracted WMI Creates executable files unpack itself Windows utilities Disables Windows Security Auto service powershell.exe wrote Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization Ransomware Windows Tor ComputerName DNS Cryptographic key	11 Keyword trend analysis Info http://185.10.68.147/win/val/ichigo.bin http://185.10.68.147/win/del.ps1 http://185.10.68.147/win/sasd.bat http://www.royerconseil-finances.ch/js/tiny_mce/temp/l.exe http://185.10.68.147/mssql https://www.royerconseil-finances.ch/js/tiny_mce/temp/r.exe https://185.10.68.147/win/min/32.exe https://185.10.68.147/win/3p/ichigo-lite.ps1 https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-PowerDump.ps1 https://raw.githubusercontent.com/Kevin-Robertson/Invoke-TheHash/master/Invoke-WMIExec.ps1 https://raw.githubusercontent.com/Kevin-Robertson/Invoke-TheHash/master/Invoke-TheHash.ps1	7			24.2	M	9

1143	2020-07-29 23:59	wop.exe 301f883fe5145bad9b1e5044c691a7ba Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware PDB suspicious privilege Malicious Traffic Check memory Checks debugger Creates executable files unpack itself Check virtual network interfaces AppData folder malicious URLs Windows Browser Email ComputerName Remote Code Execution DNS Cryptographic key Software crashed keylogger	1 Keyword trend analysis	3			12.0	M	36

1144	2020-07-29 23:59	winlog.exe 33d28d8be1d957a58d32a2100393d696 VirusTotal Malware Check memory Checks debugger buffers extracted Creates executable files unpack itself AppData folder malicious URLs crashed					4.0	M	22

1145	2020-07-30 00:11	Doc_20200729_OYO975.doc 43e0305c2cc8aaf8b50bb2e2c24e6efa Vulnerability VirusTotal Malware unpack itself					2.4	M	17

1146	2020-07-30 00:15	harl.exe 603a9d172499974f5dce0a3ce6365cd9 VirusTotal Malware Check memory Checks debugger Creates executable files unpack itself AppData folder malicious URLs crashed					3.4	M	14

1147	2020-07-30 09:39	http://factorialk.pp.ua/wp-adm... Code Injection unpack itself Windows utilities Windows	1 Keyword trend analysis	2			2.2

1148	2020-07-30 09:42	https://cdn1.estsecurity.com/s... de15c8aea224b9c0f6e81d5a0431b461 Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit DNS crashed	1 Keyword trend analysis	1			4.2

1149	2020-07-30 09:47	http://www.viportal.co/shoock/... a156f22115cbe7dece3bbc5ad71389c9 VirusTotal Malware Code Injection unpack itself Windows utilities malicious URLs Windows DNS	1 Keyword trend analysis	1			4.0

1150	2020-07-30 10:22	http://www.viportal.co/shoock/... f2f4df4d498ec04a644a72490978a355 Vulnerability VirusTotal Malware MachineGuid Code Injection Check memory Checks debugger exploit crash unpack itself Windows utilities malicious URLs Windows Exploit crashed	2 Keyword trend analysis	5			7.6

1151	2020-07-30 11:03	http://www.nalara1220.o-r.kr/ c032bb944d6fba21799bd5a4df5b6122 Code Injection Creates executable files unpack itself Windows utilities Windows DNS	6 Keyword trend analysis	2			3.2

1152	2020-07-30 11:15	INVOICE 2716-300397.doc bcc2fc9203b0b000565ce197db22a503 Vulnerability VirusTotal Malware unpack itself					2.6		28

1153	2020-07-30 11:15	BAL_SL7895839983PH.doc d485d3df948c1ca2ac7ae5e9916cd704 Vulnerability VirusTotal Malware unpack itself					2.6		28

1154	2020-07-30 11:32	http://www.nalara1220.o-r.kr/m... 543d9bb195c2df50e3dc076b6fdf95ef Code Injection Creates executable files RWX flags setting unpack itself Windows utilities Windows	5 Keyword trend analysis	4			3.0

1155	2020-07-30 11:34	http://www.nalara1220.o-r.kr/m... 543d9bb195c2df50e3dc076b6fdf95ef Code Injection Creates executable files unpack itself Windows utilities Windows DNS	5 Keyword trend analysis	2			3.2

First
Previous
71
72
73
74
75
76
77
78
79
80
Next
Last
Total : 48,199cnts