Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-11-30 16:51
conhost.exe
249b4980b929e202ad6ccc95bbd455b2
Malicious Library
UPX
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
crashed
2.8
M
49
ZeroCERT
2
2022-06-28 09:44
vbc.exe
d39d493b27584c9c4dc9e0d3f03d0a0a
AgentTesla
PWS[m]
RAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Create Service
Socket
DNS
Internet API
Code injection
Sniff Audio
KeyLogger
Downloader
Escalate priviledges
ScreenShot
AntiDebug
AntiVM
PE32
.NET EXE
PE File
Browser Info Stealer
Remcos
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
suspicious process
AntiVM_Disk
sandbox evasion
VM Disk Size Check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
1
Keyword trend analysis
×
Info
×
http://geoplugin.net/json.gp
4
Info
×
geoplugin.net(178.237.33.50)
imranmhemoodcheema.ddns.net(179.43.154.168) - mailcious
178.237.33.50
179.43.154.168
2
Info
×
ET POLICY DNS Query to DynDNS Domain *.ddns .net
ET JA3 Hash - Remcos 3.x TLS Connection
14.6
M
29
ZeroCERT
3
2021-11-12 10:36
hussanzx.exe
ab00b875e9d7ec4065d7dbbda08d474a
RAT
Generic Malware
AntiDebug
AntiVM
PE File
PE32
.NET EXE
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
crashed
8.0
43
ZeroCERT
First
1
Last
Total : 3cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
