Submissions
No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
1
2024-07-06 18:27
setup.exe
6b189fc6ddde33cba5c63e1dfec82b2a
Malicious Library
PE File
PE32
VirusTotal
Malware
Checks debugger
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
DNS
1
188.165.164.184
5.2
M
37
ZeroCERT
2
2024-07-03 13:24
setup.exe
6a29cf171c9718d55a0b617102451f6b
Malicious Library
PE File
PE32
Checks debugger
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
3.6
ZeroCERT
3
2024-07-03 13:24
setup.exe
5d286a1851e49c4a21ec0178bcf8b239
Malicious Library
PE File
PE32
VirusTotal
Malware
Checks debugger
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
4.6
M
37
ZeroCERT
4
2024-07-03 11:20
setup.exe
6a29cf171c9718d55a0b617102451f6b
Malicious Library
PE File
PE32
Checks debugger
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
3.6
ZeroCERT
5
2024-07-03 07:56
setup.exe
376bda749ff4727c39cbc3868b2e6477
Malicious Library
PE File
PE32
VirusTotal
Malware
Checks debugger
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
4.6
M
37
ZeroCERT
6
2024-07-02 15:58
Content_497179.exe
52070a9adf4787ece9b80af208603030
Gen1
Generic Malware
NSIS
Malicious Library
UPX
Admin Tool (Sysinternals etc ...)
Malicious Packer
Anti_VM
PE File
PE32
OS Processor Check
DLL
icon
BMP Format
DllRegisterServer
dll
Lnk Format
GIF Format
ftp
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
AppData folder
AntiVM_Disk
sandbox evasion
anti-virtualization
VM Disk Size Check
installed browsers check
Tofsee
Browser
ComputerName
1
https://codeonicinc.com/
2
codeonicinc.com(104.26.8.6)
172.67.69.54
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
9.2
ZeroCERT
7
2024-07-02 15:45
Content_497179.exe
52070a9adf4787ece9b80af208603030
Generic Malware
NSIS
Malicious Library
UPX
PE File
PE32
OS Processor Check
DLL
BMP Format
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
Creates executable files
RWX flags setting
unpack itself
AppData folder
sandbox evasion
anti-virtualization
Tofsee
1
https://codeonicinc.com/
2
codeonicinc.com(104.26.8.6)
104.26.9.6
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
6.6
ZeroCERT
8
2024-06-21 07:47
setup.exe
24f3dab39795bb7a131b8f685aad74bb
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.6
35
ZeroCERT
9
2024-06-17 14:33
setup.exe
05ff3df4891c23297d2f683cb399f027
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.6
49
ZeroCERT
10
2024-06-17 13:35
setup.exe
59f7c6aba00ac82304ed8e658ff4768f
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
DNS
Cryptographic key
1
51.15.58.224
12.2
M
53
ZeroCERT
11
2024-06-13 10:36
setup.exe
175fcc55a11bbd0bd69c5dab9cba90c3
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE32
PE File
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
12.0
M
32
ZeroCERT
12
2024-06-01 08:31
setup.exe
89052e2c020f8f6f5287e10d134f0bd1
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
12.0
36
ZeroCERT
13
2024-05-31 07:47
setup.exe
08063da816c5db77ce64807c4ec2f7e8
NPKI
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
12.0
M
37
ZeroCERT
14
2024-05-20 10:32
setup.exe
5cc472dcd66120aed74de36341bfd75a
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
12.2
M
56
ZeroCERT
15
2024-03-01 12:08
setup.exe
5230cc00eecf61973aa8baf3f2a8cce6
Malicious Library
PE File
PE32
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
3.4
ZeroCERT
Total : 45cnts