Submissions
Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc
1381
2024-05-31 10:08
reverse_http.ps1
01afbe1110a8dc2eb754291bd28685a5
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
Checks debugger
RWX flags setting
unpack itself
ComputerName
crashed
3.2
M
34
ZeroCERT
1382
2024-06-03 07:27
abc.ps1
33d57171c178785001cbdb8aff121710
Generic Malware
Antivirus
VirusTotal
Malware
unpack itself
1.4
M
36
ZeroCERT
1383
2024-06-03 14:14
Safety Manager JD (General Dyn...
8346d90508b5d41d151b7098c7a3e868
Client SW User Data Stealer
browser
info stealer
Generic Malware
Hide_EXE
Google
Chrome
User Data
Downloader
Malicious Library
UPX
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code
Browser Info Stealer
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
Auto service
suspicious process
malicious URLs
WriteConsoleW
installed browsers check
Windows
Exploit
Browser
ComputerName
Cryptographic key
crashed
1
http://download.uberlingen.com/index.php
1
download.uberlingen.com()
12.6
8
ZeroCERT
1384
2024-06-04 11:06
BjDYewiY.vbs
7b5b8d04475bc1ebbb77601f57e3e625
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
Tofsee
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://uploaddeimagens.com.br/images/004/785/720/original/new_image.jpg?1716307634
https://paste.ee/d/mtmOb/0
3
uploaddeimagens.com.br(172.67.215.45) - malware
61.111.58.34 - malware
104.21.45.138 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
8.6
23
ZeroCERT
1385
2024-06-05 09:18
Archvisitor.cur
e55f25384365d8cb1cc6ffb71600ff50
Suspicious_Script_Bin
VirusTotal
Malware
0.4
1
ZeroCERT
1386
2024-06-07 09:34
envio.js
0eea6ce45e121ed22b89a006b3a4c1c3
Generic Malware
Antivirus
Hide_URL
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
http://188.126.90.5/envifa.vbs
6.6
M
21
ZeroCERT
1387
2024-06-07 09:41
www.ps1
b8d18d049050e1e12c378dd2c71cadc6
Generic Malware
Antivirus
ZIP Format
VirusTotal
Malware
powershell
Malicious Traffic
Check memory
buffers extracted
unpack itself
Check virtual network interfaces
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
http://servidorwhm.shop/chrome.zip
2
servidorwhm.shop(199.167.147.66)
199.167.147.66 - mailcious
1
ET HUNTING Terse Request for Zip File (GET)
5.2
M
4
ZeroCERT
1388
2024-06-07 09:51
liitletigersearchingforfoodwhi...
077e4cfa6534a69f9e8de8e5b83ba08c
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
buffers extracted
exploit crash
unpack itself
Tofsee
Exploit
DNS
crashed
2
https://paste.ee/d/eZNju
http://172.234.221.211/34009/lionsarebeautifulcomparewithothers.bmp
4
paste.ee(172.67.187.200) - mailcious
172.67.187.200 - mailcious
34.192.83.212
172.234.221.211 - malware
2
ET POLICY Pastebin-style Service (paste .ee) in TLS SNI
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
37
ZeroCERT
1389
2024-06-09 09:38
SharpHound.ps1
310d06e1da8a16b5121ead4874f634fa
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
1.6
M
35
ZeroCERT
1390
2024-06-11 14:43
sign_now.vbs
539544ea65b5ecdb757d49fd92cc335d
VirusTotal
Malware
wscript.exe payload download
Tofsee
2
www.python.org(151.101.108.223)
146.75.48.223
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.8
11
ZeroCERT
1391
2024-06-11 14:45
DocuSign.vbs
73999f3f3808981c1470956082ebc738
VirusTotal
Malware
wscript.exe payload download
Tofsee
2
www.python.org(151.101.228.223)
146.75.48.223
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.6
7
ZeroCERT
1392
2024-06-11 14:47
DocuSign.url
1bb21d7cfa769080240279276bf0da2e
AntiDebug
AntiVM
URL Format
MSOffice File
Malware
Code Injection
Malicious Traffic
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
http://45.61.132.126/
http://45.61.132.126/Downloads\DocuSign.vbs
1
45.61.132.126
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.2
ZeroCERT
1393
2024-06-12 09:56
noncontrabandsVB1.ps1
183df9ec9ef6dbd453bcee91c8939534
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
1
https://www.dsestimation.com/wp-content/uploads/2015/10/causativenesszb.exe
3.0
21
ZeroCERT
1394
2024-06-12 09:56
wizeninglYZn.ps1
e9c90b339939ce08b126a6f4e5a5cd5a
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
1
https://lechiavetteusb.it/imgs/usb/logo/spiralitykSzkj.exe
3.0
26
ZeroCERT
1395
2024-06-12 13:25
bas.bat
c3d227e82f84533c2918a6239b99ff2d
Generic Malware
Downloader
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PNG Format
MSOffice File
JPEG Format
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
RWX flags setting
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Tofsee
Windows
Exploit
ComputerName
Cloudflare
DNS
Cryptographic key
crashed
2
http://apps.identrust.com/roots/dstrootcax3.p7c
https://stocks-army-malta-false.trycloudflare.com/qfv0ao.zip
4
stocks-army-malta-false.trycloudflare.com(104.16.231.132)
61.111.58.34 - malware
61.111.58.16 - suspicious
104.16.230.132 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET POLICY Observed DNS Query to Commonly Abused Cloudflare Domain (trycloudflare .com)
7.0
ZeroCERT
Total : 1,500cnts