Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2025-02-26 09:53
random.exe
b2485d947085da474eb8c19a810893c7
Themida
UPX
Http API
HTTP
Internet API
AntiDebug
AntiVM
PE File
PE32
VirusTotal
Malware
Code Injection
Checks debugger
buffers extracted
unpack itself
Checks Bios
Detects VMWare
VMware
anti-virtualization
Windows
crashed
9.4
M
37
ZeroCERT
2
2025-02-12 13:23
random.exe
580d01da779f9d2c14ffa548ea4da16e
Themida
ILProtector Packer
UPX
Malicious Library
Antivirus
DGA
Http API
ScreenShot
HTTP
Code injection
Internet API
KeyLogger
Anti_VM
AntiDebug
AntiVM
PE File
PE32
.NET EXE
GIF Format
Lnk Format
DLL
.NET DLL
VirusTotal
Malware
suspicious privilege
Code Injection
Malicious Traffic
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Checks Bios
Detects VMWare
AppData folder
malicious URLs
AntiVM_Disk
VMware
anti-virtualization
VM Disk Size Check
Windows
DNS
crashed
5
http://185.156.73.73/ycl
http://185.156.73.73/info
http://185.156.73.73/update
http://185.156.73.73/service
http://185.156.73.73/success?substr=mixtwo&s=three&sub=non
1
185.156.73.73
3
ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET INFO EXE - Served Attached HTTP
15.4
M
31
ZeroCERT
3
2025-02-11 10:50
random.exe
2103d8fbd7305f63a982df26d65f056f
Themida
ILProtector Packer
UPX
Malicious Library
Antivirus
DGA
Http API
ScreenShot
HTTP
Code injection
Internet API
KeyLogger
Anti_VM
AntiDebug
AntiVM
PE File
PE32
.NET EXE
GIF Format
Lnk Format
DLL
.NET DLL
Malware
MachineGuid
Code Injection
Malicious Traffic
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Checks Bios
Detects VMWare
AppData folder
malicious URLs
AntiVM_Disk
VMware
anti-virtualization
VM Disk Size Check
Windows
DNS
crashed
5
http://185.156.73.73/success?substr=mixfour&s=three&sub=non
http://185.156.73.73/ycl
http://185.156.73.73/info
http://185.156.73.73/update
http://185.156.73.73/service
1
185.156.73.73
3
ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET INFO EXE - Served Attached HTTP
13.6
M
ZeroCERT
4
2025-02-11 10:45
random.exe
4550b8e1193d6362b3f4d1ed2d037d99
Emotet
Gen1
Themida
Generic Malware
ILProtector Packer
UPX
Malicious Library
Antivirus
DGA
Http API
ScreenShot
HTTP
Code injection
Internet API
KeyLogger
AntiDebug
AntiVM
PE File
PE32
.NET EXE
OS Processor Check
DLL
MZP Format
GIF Format
Lnk Format
.NET D
VirusTotal
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Checks Bios
Detects VMWare
AppData folder
malicious URLs
AntiVM_Disk
VMware
anti-virtualization
VM Disk Size Check
Windows
ComputerName
DNS
crashed
5
http://185.156.73.73/ycl
http://185.156.73.73/info
http://185.156.73.73/update
http://185.156.73.73/service
http://185.156.73.73/success?substr=mixtwo&s=three&sub=non
1
185.156.73.73
3
ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET INFO EXE - Served Attached HTTP
17.0
M
29
ZeroCERT
Total : 4cnts