Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
10051
2021-05-07 11:38
gjfUcq8ScvVw2L9.exe
2f3b713208e4529613738cb2a4aee54f
PWS
.NET framework
Malicious Library
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
7.2
26
ZeroCERT
10052
2021-05-07 11:36
terd.exe
4cca9a1ec4b92df89a8bc992a6ba961f
PE64
PE File
VirusTotal
Malware
unpack itself
ComputerName
DNS
3.0
16
ZeroCERT
10053
2021-05-07 11:34
pCt29lTpXMToITU.exe
75a979bb75fc8fc7d37925ae786ea658
PWS
.NET framework
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
11.8
29
ZeroCERT
10054
2021-05-06 18:08
kizito.exe
0282fb6d3422cdebf88ba2d9ce0831af
PWS
.NET framework
Malicious Library
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
DNS
Cryptographic key
8.8
39
ZeroCERT
10055
2021-05-06 14:16
so.exe
5551346aa9f251895021b95a2a7cc390
AsyncRAT
backdoor
PWS
.NET framework
Malicious Library
.NET EXE
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
3.6
M
42
ZeroCERT
10056
2021-05-06 11:34
waads.exe
72e4f355907b6c91e6f8508d102bd896
Malicious Library
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
2
http://45.227.253.66:443/cm - rule_id: 1321
http://45.227.253.66:443/G1wm - rule_id: 1322
1
45.227.253.66 - malware
2
http://45.227.253.66:443/cm
http://45.227.253.66:443/G1wm
3.8
M
53
r0d
10057
2021-05-06 10:44
wtkNa4Cs6HxepX8.exe
9941b30db8a7c185c5517e5d7431487c
PWS
.NET framework
Malicious Library
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.2
13
ZeroCERT
10058
2021-05-06 10:40
rest.exe
96764a0a62e66a147a3d4db0e59a6e34
PE64
OS Processor Check
PE File
VirusTotal
Malware
unpack itself
ComputerName
Remote Code Execution
DNS
3.0
8
ZeroCERT
10059
2021-05-06 10:38
svchost.exe
1704d776125c307095920fe6e332f121
AsyncRAT
backdoor
PWS
.NET framework
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
suspicious process
Windows
ComputerName
DNS
Cryptographic key
10.6
M
20
ZeroCERT
10060
2021-05-05 20:28
KINO.exe
077fea37db6efe2491b3afe7e1813982
DNS
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
Buffer PE
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
DNS
Cryptographic key
2
wywtrwbnmhtytrebsgwtfcvzcxgjhyegvbcnmgte.ydns.eu(45.74.62.91)
45.74.62.91
13.6
M
19
ZeroCERT
10061
2021-05-05 20:25
JOT.exe
99e166082b19603ff6c4cbebd2641813
.NET EXE
PE File
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
suspicious process
WriteConsoleW
Windows
DNS
Cryptographic key
6.4
23
ZeroCERT
10062
2021-05-05 20:25
waads.exe
72e4f355907b6c91e6f8508d102bd896
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
2
http://45.227.253.66:443/cm
http://45.227.253.66:443/G1wm
1
45.227.253.66
3.8
53
ZeroCERT
10063
2021-05-05 20:23
prtoioou5yeuytyudgsugksgwm.exe
353d774ce94ac11a2a10461b2a3f0623
PWS
.NET framework
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
14.0
15
ZeroCERT
10064
2021-05-05 20:21
FRK.exe
7cef0587c3a904ca005df0ea9e9c88e0
DNS
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
Cryptographic key
2
hdgavzxcniopkjhsvcbnxmnzvqaswyiokdseacbu.ydns.eu(172.111.157.26)
172.111.157.26
14.2
21
ZeroCERT
10065
2021-05-05 20:19
OSF.exe
9583a703274b68a2fb524598b40a87ac
AgentTesla
browser
info stealer
Google
Chrome
User Data
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Internet API
Downloader
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
keylogger
2
gsyagvxnzmkoplbhduisbagtevcnxmzlopljdgye.ydns.eu(46.243.147.23) - mailcious
46.243.147.23
14.2
M
20
ZeroCERT
Total : 10,125cnts