Submissions
| No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 2024-11-26 14:14 | TikTok18.exe; MD5 602876c49237a426d0e27ea8e6b1e0d6; tags: Emotet, Gen1, Malicious Library, UPX, PE64, CAB, PE File, VirusTotal, Malware, AutoRuns, PDB, Check memory, Checks debugger, Creates executable files, unpack itself, Windows, Remote Code Execution, crashed | | | | | 3.4 | | 14 | ZeroCERT | |
| 2 | 2024-11-08 17:14 | hell9o.exe; MD5 2e933118fecbaf64bbd76514c47a2164; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, VirusTotal, Malware, AutoRuns, PDB, Creates executable files, Windows utilities, WriteConsoleW, Windows, Remote Code Execution | | | | | 3.6 | | 44 | ZeroCERT | |
| 3 | 2024-11-08 17:06 | Setup%20Ms%20P-1A.EXE; MD5 a49ec3d87bfccda0f6bbd0370fcb6278; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, VirusTotal, Malware, PDB, Checks debugger, Remote Code Execution | | | | | 2.2 | | 43 | ZeroCERT | |
| 4 | 2024-11-08 17:03 | loader.exe; MD5 dd4f9e2e3a884356b781bc7085c81fe7; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, VirusTotal, Malware, AutoRuns, PDB, Checks debugger, Creates executable files, unpack itself, Windows utilities, suspicious process, Windows, ComputerName, Remote Code Execution, crashed | | | | | 4.8 | | 50 | ZeroCERT | |
| 5 | 2024-10-31 18:11 | focustaskprobr.exe; MD5 5bc2209e6ba6e6534b35494182d8cc66; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, .NET EXE, PE32, VirusTotal, Malware, AutoRuns, PDB, Check memory, Checks debugger, Creates executable files, unpack itself, Check virtual network interfaces, AppData folder, Windows, Remote Code Execution, DNS | | 1: 46.8.237.66 | | | 7.2 | | 34 | ZeroCERT | |
| 6 | 2024-10-31 18:09 | sameconcentratepro.exe; MD5 b4902df58bcac6bfe6a72a91ea30e051; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, VirusTotal, Malware, AutoRuns, PDB, MachineGuid, Check memory, Checks debugger, Creates executable files, unpack itself, Check virtual network interfaces, Windows, Remote Code Execution, DNS | | 1: 46.8.237.66 | | | 5.4 | | 17 | ZeroCERT | |
| 7 | 2024-10-31 18:09 | seniorcommunicatepro.exe; MD5 485927fe0c19012f31f1ef565254b374; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, .NET EXE, PE32, VirusTotal, Malware, AutoRuns, PDB, Check memory, Checks debugger, Creates executable files, unpack itself, Check virtual network interfaces, AppData folder, Windows, Remote Code Execution, DNS | | 1: 46.8.237.66 | | | 7.4 | | 48 | ZeroCERT | |
| 8 | 2024-10-24 11:14 | seniorcommunicatepro.exe; MD5 ea95f1f57bf140891fe0401b8d34990d; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, OS Processor Check, VirusTotal, Malware, Buffer PE, AutoRuns, PDB, Check memory, Checks debugger, buffers extracted, Creates executable files, unpack itself, Windows, Remote Code Execution | | | | | 5.4 | | 47 | ZeroCERT | |
| 9 | 2024-10-24 11:13 | losscommunicationpro.exe; MD5 42bcf60a8c6cf654ceb015d9047218ef; tags: Emotet, Gen1, Malicious Library, UPX, .NET framework(MSIL), PE File, PE64, CAB, .NET EXE, PE32, OS Processor Check, VirusTotal, Malware, Buffer PE, AutoRuns, PDB, Check memory, Checks debugger, buffers extracted, Creates executable files, unpack itself, AppData folder, Windows, ComputerName, Remote Code Execution | | | | | 5.4 | | 40 | ZeroCERT | |
| 10 | 2024-10-24 11:11 | pump.exe; MD5 2d3353b602f987a974e014f891499e6f; tags: Emotet, Gen1, Generic Malware, Malicious Library, UPX, Antivirus, PE File, PE64, CAB, VirusTotal, Malware, powershell, AutoRuns, PDB, suspicious privilege, MachineGuid, Check memory, Checks debugger, Creates shortcut, Creates executable files, unpack itself, suspicious process, Windows, ComputerName, Remote Code Execution, Cryptographic key | | | | | 6.0 | | 16 | ZeroCERT | |
| 11 | 2024-10-24 11:03 | focustaskpro.exe; MD5 eb98253c7af23770d78d9e3e765d183d; tags: Emotet, Gen1, Malicious Library, UPX, .NET framework(MSIL), PE File, PE64, CAB, .NET EXE, PE32, OS Processor Check, VirusTotal, Malware, Buffer PE, AutoRuns, PDB, Check memory, Checks debugger, buffers extracted, Creates executable files, unpack itself, AppData folder, Windows, ComputerName, Remote Code Execution | | | | | 5.4 | | 41 | ZeroCERT | |
| 12 | 2024-10-21 17:09 | 1.exe; MD5 2d019540d9821037f1c96050cf7f551b; tags: Emotet, Gen1, Generic Malware, Malicious Library, UPX, Antivirus, PE File, PE64, CAB, VirusTotal, Malware, powershell, AutoRuns, PDB, suspicious privilege, MachineGuid, Check memory, Checks debugger, Creates shortcut, Creates executable files, unpack itself, Windows utilities, suspicious process, Windows, ComputerName, Remote Code Execution, Cryptographic key | | | | | 6.0 | M | 17 | ZeroCERT | |
| 13 | 2024-10-16 11:23 | qualityrespondpro.exe; MD5 7d69353f011527611a119b38593b7b34; tags: Emotet, Gen1, Malicious Library, UPX, PE File, PE64, CAB, .NET EXE, PE32, VirusTotal, Malware, Buffer PE, AutoRuns, PDB, suspicious privilege, Malicious Traffic, Check memory, Checks debugger, buffers extracted, Creates executable files, unpack itself, Check virtual network interfaces, AppData folder, Windows, ComputerName, Remote Code Execution, DNS, Cryptographic key, crashed | 1: http://85.239.33.148/nation/Zyropzn.pdf | 1: 85.239.33.148 - malware | 1: ET INFO Dotted Quad Host PDF Request | | 8.6 | M | 51 | ZeroCERT | |
| 14 | 2024-10-16 11:12 | speechcarrierpro.exe; MD5 c022c9594435faedd2d06aa40d19c360; tags: Emotet, Gen1, Malicious Library, UPX, .NET framework(MSIL), AntiDebug, AntiVM, PE File, PE64, CAB, .NET EXE, PE32, OS Processor Check, VirusTotal, Malware, Buffer PE, AutoRuns, PDB, suspicious privilege, Code Injection, Malicious Traffic, Check memory, Checks debugger, buffers extracted, Creates executable files, RWX flags setting, unpack itself, Check virtual network interfaces, suspicious process, AppData folder, WriteConsoleW, Windows, Remote Code Execution, DNS, Cryptographic key, crashed | 1: http://37.221.67.211/direct/Mfrngcojt.mp4 | 2: 37.221.67.211 - malware, 5.189.218.177 | | | 16.2 | | 49 | ZeroCERT | |
| 15 | 2024-10-16 11:05 | parttransferpro.exe; MD5 a38e702946c3b3770260051e865cba87; tags: Emotet, Gen1, Malicious Library, UPX, Admin Tool (Sysinternals etc ...), PE File, PE64, CAB, .NET EXE, PE32, VirusTotal, Malware, AutoRuns, PDB, Check memory, Checks debugger, Creates executable files, unpack itself, AppData folder, Windows, Remote Code Execution | | | | | 4.8 | | 50 | ZeroCERT | |
Total: 268 entries