Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2021-10-12 10:09
go.exe
ab7f8753f4eb0b4f143227298e274cac
RAT
Generic Malware
PE File
PE32
.NET EXE
VirusTotal
Malware
AutoRuns
PDB
Malicious Traffic
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
Windows
ComputerName
1
Keyword trend analysis
×
Info
×
https://cdn.discordapp.com/attachments/897036278900596749/897052512136335360/THEM_GO_PAY.exe
2
Info
×
cdn.discordapp.com(162.159.134.233) - malware
162.159.133.233 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
M
23
ZeroCERT
2
2021-10-08 11:39
bro.exe
cfbd1a2cbc6b71ecb11b80ddf05db117
PWS
.NET framework
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
PE32
.NET EXE
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
crashed
8.8
M
26
ZeroCERT
3
2021-10-06 13:46
arab.exe
360fe2af76dc3faffa92b6f8cdd201a2
RAT
PWS
.NET framework
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
PE32
.NET EXE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
crashed
8.0
M
ZeroCERT
4
2021-09-19 10:46
mygod.exe
60a01c98200c36b4917c453feedbf79d
PWS
.NET framework
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
crashed
10.4
M
40
ZeroCERT
5
2021-08-31 11:03
job.exe
00208f1aa6ebd03ebf70e847b6f690c8
Generic Malware
Admin Tool (Sysinternals etc ...)
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.6
M
24
ZeroCERT
6
2021-06-23 09:09
ongod.exe
5013cd46f5bc64f2f91c2f1b26eff560
PWS
.NET framework
Generic Malware
Admin Tool (Sysinternals etc ...)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
10.0
29
ZeroCERT
7
2021-06-18 09:53
god.exe
e5a571a66090b1a9c61ab60f41abc465
AsyncRAT
backdoor
PWS
.NET framework
Admin Tool (Sysinternals etc ...)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
11.0
M
30
ZeroCERT
8
2021-06-17 15:32
dan.exe
6314108d54642e404df636af5519dddb
PWS
.NET framework
Admin Tool (Sysinternals etc ...)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
9.6
M
28
ZeroCERT
9
2021-06-10 09:35
ewak.exe
00dfd025d19fdf5686ac4bc25361dda3
PWS
.NET framework
Admin Tool (Sysinternals
Devolutions inc)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
9.2
21
ZeroCERT
10
2021-06-10 09:32
mpa.exe
edf51521ad563bef8fa2f5ed218ac98c
PWS
.NET framework
Admin Tool (Sysinternals
Devolutions inc)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
9.0
13
ZeroCERT
11
2021-06-09 22:10
razi.exe
f86b14c90a4eabc844a257abebd8a614
PWS
.NET framework
Admin Tool (Sysinternals
Devolutions inc)
Malicious Library
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
5.0
29
ZeroCERT
12
2021-06-09 09:58
ewaa.exe
a805af22c4ea9de2c2c542f21933ab84
PWS
.NET framework
Malicious Packer
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
Email Client Info Stealer
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
11.4
M
ZeroCERT
13
2021-06-08 16:14
ewa.exe
e177b9ddfcae8d13fe94d04395ea920e
PWS
.NET framework
Admin Tool (Sysinternals
Devolutions inc)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
1
Info
×
104.21.19.200
10.8
M
21
ZeroCERT
14
2021-06-08 10:04
ewa.exe
e177b9ddfcae8d13fe94d04395ea920e
PWS
.NET framework
Admin Tool (Sysinternals
Devolutions inc)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
9.2
M
21
ZeroCERT
15
2021-06-07 18:07
max.exe
c93c429db9152f674a7980fb8935ab63
Admin Tool (Sysinternals
Devolutions inc)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
10.4
M
32
ZeroCERT
First
1
2
Last
Total : 19cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
