Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
16
2022-10-03 18:12
List of IBANs & Details.docx
9d3993fedf4ce4d25a8e7bf2a3a7d903
Doc XML Downloader
Word 2007 file format(docx)
VirusTotal
Malware
exploit crash
unpack itself
Exploit
crashed
3
Info
×
en-us-office.herokuapp.com(54.243.129.215)
54.243.129.215 - malware
54.224.34.30 - phishing
2.2
3
ZeroCERT
17
2022-09-25 18:59
01.06.2023_Genel_Siparislerimi...
d0227d7497666b6a67046349916f59cd
VirusTotal
Malware
RWX flags setting
unpack itself
2.6
M
30
ZeroCERT
18
2022-09-16 10:55
Global Brain Pitch Deck.docx
e26725f34ebcc7fa9976dd07bfbbfba3
Word 2007 file format(docx)
VirusTotal
Malware
exploit crash
unpack itself
Tofsee
Exploit
crashed
2
Keyword trend analysis
×
Info
×
https://download.azure-service.com/Jsh_kieSeQ4/itiflr82fj/DteCYSywiF/LBU0A2Xtq_/F%2BP9OQEh/
https://download.azure-service.com/Jsh_kieSeQ4/itiflr82fj/DteCYSywiF/LBU0A2Xtq_/F%2BP9OQEh/Wn7hg%3D%3D
2
Info
×
download.azure-service.com(204.11.56.48) - mailcious
204.11.56.48 - phishing
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.0
26
ZeroCERT
19
2022-09-16 10:43
Circle Business Introduction(I...
bde4747408ce3cfdfe8238a133ebcac9
Word 2007 file format(docx)
VirusTotal
Malware
exploit crash
unpack itself
Exploit
crashed
2
Info
×
googleservice.xyz(72.52.178.23)
72.52.178.23 - mailcious
3.6
28
ZeroCERT
20
2022-09-16 10:30
MUFG_JOB_DESCRIPTION.docx
0a8a4e2d462fb4b56ea98b25d5b1bdb3
Word 2007 file format(docx)
VirusTotal
Malware
unpack itself
Tofsee
2
Keyword trend analysis
×
Info
×
http://apps.identrust.com/roots/dstrootcax3.p7c
https://verify.azure-protect.online/EcCm9WiaysW/D%2BsYq1Io/yVMuSbkgQZ/Vp6bzP5LXe/Ec08P4lt6g/
4
Info
×
apps.identrust.com(23.43.165.105)
verify.azure-protect.online(152.89.247.87)
152.89.247.87
121.254.136.57
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.2
10
ZeroCERT
21
2022-09-07 16:01
사내 금융업무 상세내역.docx
929a87be39ed3ad28e7285340f64414f
Doc XML Downloader
Word 2007 file format(docx)
VirusTotal
Malware
exploit crash
unpack itself
Exploit
crashed
1
Info
×
ms-work.com-info.store() - malware
2.8
30
guest
22
2022-08-30 15:38
용기(행복나래) - 대륙제관.xlsx
21ead6751e5f2ec3d6e8fbeca4c982e5
heapspray
exploit crash
unpack itself
Exploit
crashed
2.4
ZeroCERT
23
2022-08-30 15:19
용기(행복나래) - 대륙제관.xlsx
21ead6751e5f2ec3d6e8fbeca4c982e5
heapspray
unpack itself
1.8
guest
24
2022-08-24 15:30
05-2022-0438.doc
52945af1def85b171870b31fa4782e52
Word 2007 file format(docx)
VirusTotal
Malware
exploit crash
unpack itself
Exploit
crashed
1
Info
×
www.xmlformats.com()
3.0
45
ZeroCERT
25
2022-08-20 21:20
job_description.xlsb
25f3c31bfac1670838095f3d60c6c7a3
VBA_macro
Excel Binary Workbook file format(xlsb)
VirusTotal
Malware
Check memory
Creates executable files
unpack itself
suspicious process
Tofsee
2
Keyword trend analysis
×
Info
×
http://apps.identrust.com/roots/dstrootcax3.p7c
https://fjigroqksqkeofqwjk.com/qyhgtr.dll
4
Info
×
apps.identrust.com(119.207.65.153)
fjigroqksqkeofqwjk.com(45.11.26.151) - malware
45.11.26.151 - malware
119.207.65.137
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.0
15
ZeroCERT
26
2022-08-02 09:53
Reciept 6242036.xlsb
0e0c3c9cea7e59a5aee7a7ab2dd03eb2
VBA_macro
Excel Binary Workbook file format(xlsb)
VirusTotal
Malware
RWX flags setting
exploit crash
unpack itself
Exploit
crashed
2.8
33
ZeroCERT
27
2022-08-02 08:14
clicktoexploit.docx
e3fb608a9b839c5e992ea115b07aaa8d
Word 2007 file format(docx)
RWX flags setting
1.2
M
ZeroCERT
28
2022-07-05 09:44
04.07.2022_PAZARTESI_SIPARISLE...
ea273838cc231f189370e3881dc318cb
VirusTotal
Malware
RWX flags setting
exploit crash
unpack itself
Exploit
crashed
2.6
M
3
ZeroCERT
29
2022-06-25 14:55
24.06.2022.CUMA.IHTIYAC.LISTES...
698006cd7ed845f5ab4522a03a2496be
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
Keyword trend analysis
×
Info
×
https://altunminyum.github.io/07xr/gbdev.png
2
Info
×
altunminyum.github.io(185.199.108.153)
185.199.108.153 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.8
22
ZeroCERT
30
2022-06-21 08:03
Questions.docx
783f850d06c9f1286eb9b1bda0af0bce
Word 2007 file format(docx)
VirusTotal
Malware
exploit crash
unpack itself
Exploit
crashed
2.4
19
ZeroCERT
First
Previous
1
2
3
4
5
6
7
8
9
10
Next
Last
Total : 497cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
