Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
121
2023-07-20 12:20
idbk.hta
f64cb89c952b5355259ef7373ea7982d
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
1
http://103.16.215.29/Explorer/wininit.exe
6.6
ZeroCERT
122
2023-07-19 14:31
dma.hta
9302aa42d7bd92c8bfe93a441fe7b147
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
9.2
17
ZeroCERT
123
2023-07-19 09:10
dma.hta
9302aa42d7bd92c8bfe93a441fe7b147
VirusTotal
Malware
unpack itself
crashed
1.2
17
ZeroCERT
124
2023-07-18 13:57
idbk.hta
b4c8fe36366bf1542935f0367270eba5
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
7.0
7
ZeroCERT
125
2023-07-17 15:42
cmsh.hta
3c38f1318767a3b84a619187e7e78646
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
7.0
5
ZeroCERT
126
2023-07-17 15:41
IE_NET.hta
ab46abca955700f1d0f904cda6442b7c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
8.2
5
ZeroCERT
127
2023-07-14 17:07
idki.hta
391704abc77b7aeb83bcd9e38ad665c2
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
8.4
17
ZeroCERT
128
2023-07-14 17:06
cmsh.hta
3c38f1318767a3b84a619187e7e78646
Antivirus
VirusTotal
Malware
unpack itself
crashed
1.0
5
ZeroCERT
129
2023-07-14 17:03
IE_NET.hta
ab46abca955700f1d0f904cda6442b7c
Antivirus
VirusTotal
Malware
unpack itself
crashed
1.0
5
ZeroCERT
130
2023-07-14 09:57
60.hta
b4796b72e77afbf28414ee8f250f85f6
Antivirus
VirusTotal
Malware
unpack itself
crashed
1.0
9
ZeroCERT
131
2023-07-14 07:32
65.hta
c424aa5b9e44cdfa876c24c898bd1205
Generic Malware
Antivirus
Hide_URL
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.2
M
6
ZeroCERT
132
2023-07-11 18:54
USDT.exe
b9ade4e25308a1bfe4a8e4d9433937ba
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
3
camo.githubusercontent.com(185.199.108.133) -
108.181.20.35 -
185.199.108.133 -
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
ZeroCERT
133
2023-07-11 09:39
h.html
1c87f3cd6fb4a0197977a9d7365a5e09
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
Tofsee
Windows
ComputerName
Cryptographic key
1
https://propagandaetrafego.com/bv6.jpg
2
propagandaetrafego.com(216.172.161.107) - malware
216.172.161.107 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.0
ZeroCERT
134
2023-07-11 09:33
h.html
1c87f3cd6fb4a0197977a9d7365a5e09
unpack itself
crashed
0.6
ZeroCERT
135
2023-07-08 14:15
IE_NET.hta
44b47a2cd519068596c0e8cfcb401904
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
http://23.94.236.203/730/IBM_cents.exe
5.2
6
ZeroCERT
Total : 657cnts