Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-09-17 13:53
nc.exe
1b7ee505711d9f7f8cd58b36c8bfc84d
UPX
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
WriteConsoleW
3.2
M
23
ZeroCERT
2
2024-08-25 19:05
66ca202b71c36_HP.exe
867a688580e309ccdbada474210871f1
Stealc
Generic Malware
Malicious Packer
UPX
Malicious Library
Anti_VM
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
BMP Format
MSOffice File
JPEG Format
FTP Client Info Stealer
VirusTotal
Malware
Telegram
MachineGuid
Code Injection
Malicious Traffic
Check memory
WMI
unpack itself
Windows utilities
Collect installed applications
suspicious process
AppData folder
sandbox evasion
WriteConsoleW
anti-virtualization
installed browsers check
Tofsee
Ransomware
Windows
Browser
ComputerName
DNS
Software
crashed
1
https://steamcommunity.com/profiles/76561199761128941 - rule_id: 42293
5
t.me(149.154.167.99) - mailcious
steamcommunity.com(184.85.112.102) - mailcious
149.154.167.99 - mailcious
116.203.10.69 - mailcious
184.87.103.42 - mailcious
3
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO Observed Telegram Domain (t .me in TLS SNI)
ET INFO TLS Handshake Failure
1
https://steamcommunity.com/profiles/76561199761128941
13.0
M
31
ZeroCERT
3
2024-08-20 10:40
setup.exe
991c2e03a0944756e534a026b2a33ab9
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
10.4
M
ZeroCERT
4
2024-08-12 11:32
setup.exe
5dc97eacc5086f917367b3e29d0e459e
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
12.0
M
33
ZeroCERT
5
2024-08-10 17:52
setup.exe
c2a206966403fd63bf68aad8e9f8b840
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
M
ZeroCERT
6
2024-08-10 17:47
setup.exe
05ed8d4bc0c2d438ff0c376e508b84ef
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
M
ZeroCERT
7
2024-08-10 17:45
setup.exe
b815bc206843843a7795df8ed74a622d
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
M
ZeroCERT
8
2024-08-10 17:43
setup.exe
382600785e4a2db8cead5a6b33717a7a
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
10.4
M
ZeroCERT
9
2024-08-10 17:43
setup.exe
c5def7482c409dd5f2220ce4c1e66656
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
M
ZeroCERT
10
2024-08-10 17:41
setup.exe
a62db46612899b8ec61837797bab0715
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
10.4
M
ZeroCERT
11
2024-08-10 17:41
setup.exe
dab66bdcb96e8de84d56613c6bb9b4ae
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
M
ZeroCERT
12
2024-08-10 17:39
setup.exe
f9a027d01be44c149f28e1ca0dd74e3c
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
10.4
M
ZeroCERT
13
2024-08-10 17:38
setup.exe
c2bc95f90972b102c87a90b48aaf88a5
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
M
ZeroCERT
14
2024-08-10 17:36
setup.exe
67deec3842d186934a988642c6a9e7e9
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
10.4
M
ZeroCERT
15
2024-08-10 17:36
setup.exe
4cd5b2243b29cab51395d2b44395bc0c
Generic Malware
Malicious Library
Antivirus
AntiDebug
AntiVM
PE File
PE32
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Disables Windows Security
Checks Bios
powershell.exe wrote
suspicious process
WriteConsoleW
anti-virtualization
Windows
ComputerName
Cryptographic key
11.0
ZeroCERT
Total : 70cnts