Submissions - ZeroBOX

Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Rule	Score	Zero	VT	Player	Etc
1411	2020-08-09 14:04	rckjxiy188780.exe 8332d7713ad91c2b198e25457ff11b4b VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	2			7.4		22	guest

1412	2020-08-10 16:45	BDCAMSETUP_KOR.EXE b1518ca2baf0533020349fea22438a63 AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files RWX flags setting exploit crash unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk sandbox evasion VM Disk Size Check human activity check installed browsers check Windows Exploit Browser Advertising ComputerName crashed	20 Keyword trend analysis Info http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://www.bandicam.co.kr/f.php?id=kor_app_complete_install&v=2 https://www.bandicam.co.kr/support/start/ https://www.bandicam.co.kr/js/bootstrap-3.3.2.min.css?20200731 https://www.bandicam.co.kr/style.min.css?20200731 https://www.googletagmanager.com/gtag/js?id=UA-20339103-1 https://www.bandicam.co.kr/style.min.css?20200731 https://www.bandicam.co.kr/js/bootstrap-3.3.2.min.css?20200731 https://fonts.googleapis.com/css?family=Nanum+Gothic https://www.bandicam.co.kr/js/jquery-3.3.1.custom.js https://www.google-analytics.com/analytics.js https://www.google-analytics.com/r/collect?v=1&_v=j83&a=891909642&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandicam.co.kr%2Fsupport%2Fstart%2F&ul=ko&de=utf-8&dt=%ED%94%84%EB%A1%9C%EA%B7%B8%EB%9E%A8%20%EC%84%A4%EC%B9%98%EA%B0%80%20%EC%99%84%EB%A3%8C%EB%90%98%EC%97%88%EC%8A%B5%EB%8B%88%EB%8B%A4%20-%20%EB%B0%98%EB%94%94%EC%BA%A0&sd=24-bit&sr=1365x1024&vp=1233x841&je=1&fl=13.0%20r0&_u=IEBAAU~&jid=924602955&gjid=6643929&cid=1548330542.1597076314&tid=UA-20339103-1&_gid=873477484.1597076314&_r=1>m=2ou7v1&z=837017259 https://www.bandicam.co.kr/js/bootstrap-3.3.2.min.js https://www.bandicam.co.kr/magnific-popup.min.css https://www.bandicam.co.kr/include/fonts/glyphicons-halflings-regular.eot? https://wcs.naver.net/wcslog.js https://www.bandicam.co.kr/js/acecounter_cts.js https://wcs.naver.com/m?u=https%3A%2F%2Fwww.bandicam.co.kr%2Fsupport%2Fstart%2F&e=&wa=s_502950d95e2b&bt=-1&os=Win32&ln=ko&sr=1365x1024&bw=1211&bh=841&c=24&j=Y&jv=1.8&k=Y&ct=lan&cs=utf-8&tl=%25ED%2594%2584%25EB%25A1%259C%25EA%25B7%25B8%25EB%259E%25A8%2520%25EC%2584%25A4%25EC%25B9%2598%25EA%25B0%2580%2520%25EC%2599%2584%25EB%25A3%258C%25EB%2590%2598%25EC%2597%2588%25EC%258A%25B5%25EB%258B%2588%25EB%258B%25A4%2520-%2520%25EB%25B0%2598%25EB%2594%2594%25EC%25BA%25A0&vs=0.7.1&nt=1597076315166&EOU https://www.bandicam.co.kr/js/jquery.magnific-popup.min.js https://www.bandicam.co.kr/downloads/version_kor.ini https://www.bandicam.co.kr/app_info/index2.php?v=4.6.1.1688&r=0 https://www.google-analytics.com/analytics.js https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2031054232&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bandicam.co.kr%2Fapp_info%2Findex2.php%3Fv%3D4.6.1.1688%26r%3D0&ul=ko&de=utf-8&sd=24-bit&sr=1024x768&vp=&je=1&fl=13.0%20r0&_u=AAC~&jid=688910507&gjid=268064380&cid=1548330542.1597076314&tid=UA-20339103-7&_gid=873477484.1597076314&_r=1&z=149846623	14 Info wcs.naver.net(184.28.153.161) ie9cvlist.ie.microsoft.com(117.18.232.200) fonts.googleapis.com(172.217.27.74) wcs.naver.com(210.89.160.128) www.bandicam.co.kr(52.79.149.71) www.googletagmanager.com(172.217.27.72) www.google-analytics.com(172.217.31.142) 117.18.232.200 210.89.160.128 216.58.197.110 216.58.199.104 216.58.200.10 23.53.225.247 52.79.149.71			11.2			guest

1413	2020-08-10 17:37	wfdJJbjf3L.exe c252746fea8af8e146cc2c4f028aee7a Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	4			6.8			guest

1414	2020-08-10 17:45	dl53163820234.exe 4f2640624e1568f2cab7a133427908df Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	2			6.2			guest

1415	2020-08-10 22:13	flT1InVIuvV7j.exe a772627b91e925e5ee8739ea609eb59b VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			5.2		12	guest

1416	2020-08-10 22:37	iiqazfn37193670.exe b1ae2314a713f40e08323d17117d3df2 Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	2			6.2			guest

1417	2020-08-10 22:39	jxCN.exe 3bb5b43636b4a86c60405e09b9f9fb26 VirusTotal Malware AutoRuns Malicious Traffic unpack itself Auto service malicious URLs sandbox evasion human activity check Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			8.8		12	guest

1418	2020-08-11 09:30	SMTrFWlR.exe 0cd021d3299edc94e59006452a136fbf Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName Remote Code Execution DNS Cryptographic key	1 Keyword trend analysis	1			5.0			admin

1419	2020-08-12 03:21	https://www.winjoygame.com/fav... fc3b774bacbbc54c020116ae0708ee09 Code Injection unpack itself Windows utilities malicious URLs Windows DNS		1			2.8			admin

1420	2020-08-12 03:30	favicon.ico.exe fc3b774bacbbc54c020116ae0708ee09 VirusTotal Malware					0.6		3	admin

1421	2020-08-12 05:05	BiELCIyVy7GGX5WJWrp.exe 714b70027132be2766a0a532cabdd2fe VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			5.4		9	guest

1422	2020-08-12 05:14	curh.vbs 8820a8a06f70f7a4800f2d617e32250d Browser Info Stealer VirusTotal Email Client Info Stealer Malware powershell Buffer PE AutoRuns suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI heapspray ICMP traffic unpack itself Check virtual network interfaces suspicious process malicious URLs AntiVM_Disk sandbox evasion WriteConsoleW VM Disk Size Check installed browsers check Windows Browser Email ComputerName DNS Cryptographic key	2 Keyword trend analysis Info https://drive.google.com/u/0/uc?id=1C9Jv2Buwdmelhjep-JjOw2MwJZpS3Bb_&export=download https://doc-0k-8o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/vq4oq1ml1imcs03in4pvgfgfe1jvtle2/1597176675000/16823922697999196009/*/1C9Jv2Buwdmelhjep-JjOw2MwJZpS3Bb_?e=download	4			20.2		6	guest

1423	2020-08-12 13:35	1597161079.png.exe ecbdc762e9dafb05df850145a6cbc875 VirusTotal Malware malicious URLs WriteConsoleW human activity check ComputerName Remote Code Execution					3.2	M	17	admin

1424	2020-08-12 13:39	X66YHN.exe 92bd5a45e9d4201b7f43e18a9f104b6d VirusTotal Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	1			6.4		17	admin

1425	2020-08-12 14:56	z0eah9500223862.exe 2de15ca2b2fa87b7e087ead855150b8a Malware Malicious Traffic unpack itself malicious URLs sandbox evasion Windows Advertising ComputerName DNS Cryptographic key	1 Keyword trend analysis	2			6.8			admin

First
Previous
91
92
93
94
95
96
97
98
99
100
Next
Last
Total : 48,230cnts