Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-03-11 10:47
p-Qfdyajl.exe
d9e77c8ca14edd3fabf09c01f61c566a
PWS
.NET framework
RAT
Generic Malware
Downloader
UPX
Antivirus
Socket
SMTP
Internet API
PWS[m]
AntiDebug
AntiVM
OS Processor Check
.NET EXE
PE32
PE File
VirusTotal
Malware
Buffer PE
PDB
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://80.66.75.36/p-Vrilmtqt.png
1
Info
×
80.66.75.36 - malware
12.0
M
20
ZeroCERT
2
2023-03-11 10:35
a-Yfgvvxyduvu.exe
4f351910b30c279944615955228db869
PWS
.NET framework
RAT
Generic Malware
UPX
Antivirus
Socket
SMTP
Internet API
PWS[m]
HTTP
Escalate priviledges
Http API
AntiDebug
AntiVM
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
ICMP traffic
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
malicious URLs
AntiVM_Disk
sandbox evasion
WriteConsoleW
Ransom Message
Turn off Windows Error Recovery notification window
IP Check
VM Disk Size Check
installed browsers check
Tofsee
Ransomware
Windows
Browser
Tor
ComputerName
Trojan
Banking
DNS
Cryptographic key
3
Keyword trend analysis
×
Info
×
http://api.ipify.org/
http://80.66.75.36/a-Cjjle.png
https://whyers.io/QWEwqdsvsf/ap.php - rule_id: 26448
5
Info
×
whyers.io(104.21.76.77) - mailcious
api.ipify.org(173.231.16.76)
64.185.227.155
172.67.191.103 - mailcious
80.66.75.36 - malware
2
Info
×
ET POLICY External IP Lookup api.ipify.org
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1
Info
×
https://whyers.io/QWEwqdsvsf/ap.php
21.4
M
20
ZeroCERT
First
1
Last
Total : 2cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
