Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-09-17 14:01
vlst.exe
1b2583d84dca4708d7a0309cf1087a89
RedLine stealer
ILProtector Packer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.6
M
65
ZeroCERT
2
2024-08-16 15:10
robotic.exe
6b1bbe4e391cdfd775780d8502ccbc41
RedLine stealer
ILProtector Packer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
RedLine
Malware download
VirusTotal
Malware
Microsoft
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Stealer
Windows
ComputerName
DNS
Cryptographic key
1
Info
×
45.89.247.19
3
Info
×
ET DROP Spamhaus DROP Listed Traffic Inbound group 4
ET INFO Microsoft net.tcp Connection Initialization Activity
ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization)
4.0
M
49
ZeroCERT
3
2024-08-10 12:37
Operation6572.exe
913bdfccaaed0a1ed80d2c52e5f5d7c3
RedLine stealer
ILProtector Packer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.6
M
61
ZeroCERT
4
2024-07-11 09:36
see.exe
99c32c0ce5e09149ee86bf2e314bf389
RedLine stealer
ILProtector Packer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.6
M
47
ZeroCERT
5
2024-06-25 07:57
googleads.exe
7226b083a46c85f292f6dbfae79b431e
RedLine stealer
ILProtector Packer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
Info
×
52.144.47.245
4.4
54
ZeroCERT
6
2024-03-19 07:56
TeamFour.exe
3b069f3dd741e4360f26cb27cb10320a
RedLine stealer
UPX
.NET framework(MSIL)
PE32
PE File
.NET EXE
OS Processor Check
Microsoft
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
Info
×
217.195.207.156
1
Info
×
ET INFO Microsoft net.tcp Connection Initialization Activity
2.0
ZeroCERT
First
1
Last
Total : 6cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword