Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2021-11-05 09:23
ConsoleApp16.exe
519c77369218476103250e9d89e0db48
AgentTesla
browser
info stealer
Generic Malware
Google
Chrome
User Data
Create Service
Socket
Code injection
Sniff Audio
KeyLogger
Escalate priviledges
Downloader
AntiDebug
AntiVM
PE File
PE32
.NET EXE
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
crashed
keylogger
2
Info
×
moneyrem.cc.dvrlists.com(23.105.131.222)
23.105.131.222
11.4
23
ZeroCERT
2
2021-10-07 17:37
ConsoleApp17.exe
0497faff25c24f11d0813f8da6b5c2d7
AgentTesla
PWS
.NET framework
browser
info stealer
Generic Malware
Google
Chrome
User Data
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE File
PE32
.NET EXE
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
Windows
DNS
Cryptographic key
DDNS
crashed
keylogger
2
Info
×
lplazadtemins.duckdns.org(194.147.140.45)
194.147.140.45
1
Info
×
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
12.2
M
36
ZeroCERT
3
2021-09-26 09:05
ConsoleApp19.exe
41d54244280dd5a221565c203f459f5d
AgentTesla
NPKI
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
2
Info
×
upstand.duckdns.org(194.5.97.83)
194.5.97.83
1
Info
×
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
13.2
36
ZeroCERT
4
2021-09-22 10:19
ConsoleApp13.exe
b5b75b3da47bb461fceb52a2c69d1240
AgentTesla
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
2
Info
×
freightmgmt.duckdns.org(194.5.98.207) - mailcious
194.5.98.207 - mailcious
1
Info
×
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
12.8
M
22
ZeroCERT
5
2021-07-13 18:08
ConsoleApp6.exe
b46c2cfc05bc1e8fe659d143ccf77375
AgentTesla
PWS
.NET framework
RAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE32
PE File
.NET EXE
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
2
Info
×
freightmgmt.duckdns.org(194.5.98.207) - mailcious
194.5.98.207 - mailcious
13.8
25
ZeroCERT
6
2021-07-09 10:14
ConsoleApp131.exe
2d5b3a4197f716b1600e32a3cbfa7b1e
AgentTesla
RAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
2
Info
×
freightmgmt.duckdns.org(194.5.98.207) - mailcious
194.5.98.207 - mailcious
16.8
20
ZeroCERT
7
2021-07-08 17:10
ConsoleApp17.exe
2117808b6a0ded968c7f8f05c44e928a
Generic Malware
Antivirus
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
1
Keyword trend analysis
×
Info
×
http://www.radiodigitalgroup.com/zymg/?EZX0x0=FcPYrthcRRKZFtaZW2MUypHTrhkCCkyPpasybCsDd6Hxuj0aWMOQa8WJObhtFCKIO1ZrpAzv&qL3=gdnLMPoHZ4
3
Info
×
www.schedule.group(199.59.242.153)
www.radiodigitalgroup.com(34.102.136.180)
34.102.136.180 - mailcious
14.6
23
ZeroCERT
8
2021-07-08 17:08
ConsoleApp15.exe
6c7ed035722165abe2e58da3fc6a024f
AgentTesla
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
2
Info
×
freightmgmt.duckdns.org(194.5.98.207) - mailcious
194.5.98.207 - mailcious
16.6
19
ZeroCERT
9
2021-07-08 09:42
config.exe
649e264be8f3e82828fb5e84466afedd
AgentTesla
RAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
keylogger
2
Info
×
servr.killwhenabuse1.xyz(23.105.131.222) - mailcious
23.105.131.222
13.6
M
39
ZeroCERT
10
2021-07-08 09:36
ConsoleApp5.exe
7db2c2cb8780cfbe64ac49beb00f27f2
AgentTesla
RAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
3
Info
×
freightmgmt.duckdns.org(194.5.98.207)
194.5.98.207 - mailcious
104.21.19.200
16.2
M
36
ZeroCERT
11
2021-07-08 09:31
explorer.exe
923ec143594a13e3a9585e2d86e7e890
AgentTesla
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
3
Info
×
freightmgmt.duckdns.org(194.5.98.207)
172.67.188.154
194.5.98.207 - mailcious
16.8
M
39
ZeroCERT
First
1
Last
Total : 11cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword