2020-06-10
Version history
Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
106
2023-08-14 16:10
capetown.hta
60c5404627e66d12644251117cd52cbd
VirusTotal
Malware
crashed
1
https://boatrentalowner.com/wp-content/uploads/2022/02/capetown.hta
0.8
16
ZeroCERT
107
2023-08-14 09:23
1.html
2b86cc9776d43c7916f5044a092c866d
Antivirus
AntiDebug
AntiVM
MSOffice File
VirusTotal
Malware
Code Injection
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
2
http://75.119.136.207/config/bases/config.php
http://75.119.136.207/config/bases/1.html
3.8
4
ZeroCERT
108
2023-08-14 09:16
1.html
136ceaa4b76934d78546271c08f51aa2
Antivirus
AntiDebug
AntiVM
MSOffice File
Code Injection
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
2
http://75.119.136.207/config/bases/config.php
http://ableinfo.co.kr/member/1.html
3.4
ZeroCERT
109
2023-08-14 09:13
1.html
136ceaa4b76934d78546271c08f51aa2
Antivirus
unpack itself
crashed
0.6
ZeroCERT
110
2023-08-11 16:15
twilighttwilight.hta
163b7346917aa5936bac2b3cb67df947
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.2
16
ZeroCERT
111
2023-08-10 10:02
independence.hta
a9d1dd12cb4c7c485f4966ca9963106f
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.2
19
ZeroCERT
112
2023-08-09 17:51
importance-x.hta
5ffa9afcf0b8f6f600119cf4c35b5c6c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.6
16
ZeroCERT
113
2023-08-09 17:20
importance-x.hta
5ffa9afcf0b8f6f600119cf4c35b5c6c
VirusTotal
Malware
unpack itself
crashed
1.2
16
ZeroCERT
114
2023-08-09 17:15
loader.hta
2c3231b88b767d7d01eefbd05868b3a8
Hide_EXE
Generic Malware
UPX
Malicious Library
Malicious Packer
Http API
PWS
ScreenShot
KeyLogger
AntiDebug
AntiVM
OS Processor Check
DLL
PE64
PE File
VirusTotal
Email Client Info Stealer
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
RWX flags setting
exploit crash
unpack itself
installed browsers check
Windows
Exploit
Browser
Email
Cryptographic key
crashed
5.2
4
ZeroCERT
115
2023-08-09 11:29
MAINNODECPa.htm
4a8582251db1eb736e1dc4c60fed358e
Generic Malware
Antivirus
AntiDebug
AntiVM
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
2
https://ccpan12.blogspot.com/////////atom.xml
https://d9e1c3dd-1fee-48c1-9089-09a70580408e.usrfiles.com/ugd/d9e1c3_4d127b508d68411bb32a1e039bce6288.txt
7.2
ZeroCERT
116
2023-07-26 14:43
lano2.hta
58f04a5ef090681704054640bf0f1b7c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
4
108.181.20.35 -
154.221.26.108 -
144.76.136.153 -
103.100.211.218 -
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
9.2
15
ZeroCERT
117
2023-07-26 13:25
IDBh.hta
42add60c5e71accdfbb0a16bd34515ae
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
1
http://103.16.215.29/M247T/wininit.exe
7.0
5
ZeroCERT
118
2023-07-26 11:41
CMSh.hta
d73b4775abeed46e879675ddd0d311d2
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
1
http://103.16.215.196/M247T/wininit.exe
7.2
14
ZeroCERT
119
2023-07-25 10:38
HHYGASDBBBX.hta
2aa4741c22f4f7e9f7fb2318e974649c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
9.2
17
ZeroCERT
120
2023-07-20 17:12
file.sfx.exe
de1f7210c7206cb45f95cad5e0ed8cf0
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
camo.githubusercontent.com(185.199.108.133) -
185.199.110.133 -
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
ZeroCERT
Total : 657cnts