Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-10-04 07:42
fmodstudio64.exe
5f32065d2330cb09aee6ed9fa7ed1c21
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
Malicious Traffic
Check memory
buffers extracted
unpack itself
suspicious process
Tofsee
ComputerName
Remote Code Execution
2
https://passport.weibo.com/visitor/visitor?entry=miniblog&a=enter&url=https%3A%2F%2Fweibo.com%2F&domain=weibo.com&_rand=1696372813674&sudaref=
https://weibo.com/
4
passport.weibo.com(36.51.224.27)
weibo.com(36.51.224.114)
36.51.224.27
36.51.224.53
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
15
ZeroCERT
2
2021-08-09 23:35
nvcontainer1.exe
32bba43c8b2558806371cbed0682d89a
RAT
PWS
.NET framework
Generic Malware
UPX
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
crashed
8.6
M
20
ZeroCERT
3
2021-08-04 17:26
nva.exe
d50c5edad1478a183e7216b0a94bd215
PWS
Loki[b]
Loki[m]
RAT
Generic Malware
UPX
DNS
KeyLogger
ScreenShot
DGA
Socket
Create Service
Sniff Audio
Escalate priviledges
Code injection
HTTP
Internet API
FTP
Http API
Steal credential
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
DNS
DDNS
crashed
1
societyf500.ddns.net(37.238.146.18) - malicious
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
9.6
25
ZeroCERT
4
2021-08-04 17:25
nva.exe
9486fe80718f69b103e1166e32ca5621
PWS
Loki[b]
Loki[m]
RAT
Generic Malware
DNS
KeyLogger
ScreenShot
DGA
Socket
Create Service
Sniff Audio
Escalate priviledges
Code injection
HTTP
Internet API
FTP
Http API
Steal credential
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
DNS
DDNS
crashed
1
societyf500.ddns.net(37.238.146.18) - malicious
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
10.0
53
ZeroCERT
5
2021-06-25 09:06
NVDisplay.exe
a4ec33b8042adbea91f26c478a283c50
AsyncRAT
backdoor
PWS
.NET framework
Generic Malware
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
DNS
crashed
6.4
23
ZeroCERT
6
2021-06-25 09:00
mons.exe
7e06ff8e96654584763cb9f4b857bdfb
PWS
Loki[b]
Loki[m]
AsyncRAT
backdoor
.NET framework
Generic Malware
DNS
KeyLogger
ScreenShot
DGA
Socket
Create Service
Sniff Audio
HTTP
Escalate priviledges
FTP
Code injection
Http API
Internet API
Steal credential
Downloader
P2P
AntiDebug
AntiVM
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
DNS
crashed
1
fit.microgent.ru(195.133.40.220)
9.0
ZeroCERT
7
2021-06-25 08:59
nvdia.exe
41bb874f7fcd9f510c2f732550ebc21e
AsyncRAT
backdoor
PWS
.NET framework
Generic Malware
Malicious Library
PE File
.NET EXE
OS Processor Check
PE32
Check memory
Checks debugger
unpack itself
DNS
1.4
ZeroCERT
8
2021-06-25 08:49
Cons.exe
b19420967dfc223658a907a58a59a563
PWS
Loki[b]
Loki[m]
AsyncRAT
backdoor
.NET framework
Ave Maria
WARZONE RAT
Generic Malware
Antivirus
DNS
KeyLogger
ScreenShot
AntiDebug
AntiVM
PE File
.NET EXE
PE32
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
fit.microgent.ru(195.133.40.220)
6.0
ZeroCERT
9
2021-06-24 10:19
NVC.exe
70e97b8ae8f08c3f8c2cbf4d81192cf0
Generic Malware
DGA
DNS
Socket
Create Service
Sniff Audio
HTTP
Escalate priviledges
KeyLogger
FTP
Code injection
Http API
Internet API
Steal credential
ScreenShot
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
crashed
1
con.microgent.ru(195.133.40.220)
8.8
ZeroCERT
10
2021-06-24 10:14
NVIDIA.exe
5ff35bead91ba5d8359afc1389a9ab5e
Generic Malware
PE File
PE64
Check memory
Checks debugger
unpack itself
DNS
1
195.133.40.220
1.8
ZeroCERT
11
2021-06-24 10:10
NV.exe
75e7308aacb22402184d08ee9712f89b
Generic Malware
DGA
DNS
Socket
Create Service
Sniff Audio
HTTP
Escalate priviledges
KeyLogger
FTP
Code injection
Http API
Internet API
Steal credential
ScreenShot
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
DNS
DDNS
crashed
1
societyf500.ddns.net(91.109.188.6)
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
9.8
ZeroCERT
12
2021-06-24 10:04
GPU.exe
619057f86d88426ef8b7cd4a91570aab
Generic Malware
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
DDNS
crashed
6
fact.azad.live(172.67.200.214)
societyf500.ddns.net(91.109.188.6)
104.21.13.168
172.67.200.214
195.133.40.220
91.109.188.6
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
11.6
45
ZeroCERT
13
2021-06-24 09:38
nva.exe
4057325c09951e44b67ff0613a47bd97
Generic Malware
DGA
DNS
Socket
Create Service
Sniff Audio
HTTP
Escalate priviledges
KeyLogger
FTP
Code injection
Http API
Internet API
Steal credential
ScreenShot
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
DNS
DDNS
crashed
2
societyf500.ddns.net(91.109.188.6)
52.221.201.97
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
10.4
39
ZeroCERT
Total: 13 entries