Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-12-16 19:01
Captcha.hta
81df0a7222ad3c1bd736c2190314b47c
VirusTotal
Malware
Check memory
RWX flags setting
unpack itself
1
http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl
2.2
24
ZeroCERT
2
2024-11-24 19:22
es.hta
10184fe59d8f1d9d1f50d9e373f1c007
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
pub-37d3986658af451c9d52bb9f482b3e2d.r2.dev(162.159.140.237)
6.4
27
ZeroCERT
3
2024-11-20 09:15
bestthingsalwaysgetbesrentirel...
05dcffe1d8e8e209a90b522192ad8000
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
DLL
PE32
PE File
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
1
107.172.44.178
11.2
26
ZeroCERT
4
2024-11-11 10:29
glued.hta
d588b40f7fbf15af9f1a4af0fc7a1cca
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
armanayegh.com(185.94.96.102) -
5.6
31
ZeroCERT
5
2024-11-11 10:10
PO-54752454235.hta
ae1d170677ac0a614ed5d88b943c7635
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
185.196.11.151 -
7.0
28
ZeroCERT
6
2024-11-11 09:54
asd.exe
c52e39baa318823a55e073d708c51c17
Suspicious_Script_Bin
AntiDebug
AntiVM
MSOffice File
VirusTotal
Malware
Code Injection
RWX flags setting
unpack itself
Windows utilities
suspicious process
Windows
crashed
4.4
9
ZeroCERT
7
2024-11-07 21:45
1.hta
682f821b4daa22d6629825e83159e98f
Formbook
VirusTotal
Malware
crashed
1.0
28
guest
8
2024-11-07 13:13
Xteam30.hta
e4d9fac46b74d05a7110d922393c53b5
Generic Malware
Antivirus
PowerShell
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
tp2.5ee.mytemp.website(118.139.176.218) -
4.6
ZeroCERT
9
2024-11-01 09:51
a.hta
9d17c4b02df4c09f0912771f0768ff44
VirusTotal
Malware
Check memory
RWX flags setting
unpack itself
Interception
2
newshostingsupdate.com(161.97.130.110)
www.hyperwrite.com(216.158.90.138)
2.0
7
ZeroCERT
10
2024-10-26 11:07
seethebestthingsevermeetwithgr...
964a54d784f1cbef1effaa3ab917fcbc
Generic Malware
Antivirus
Downloader
AntiDebug
AntiVM
PowerShell
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
1
192.3.176.141
11.0
18
ZeroCERT
11
2024-10-26 11:07
seethebestthingstobegoodwithhi...
0b1aa8ae190d05df71f4052fae67df5b
Generic Malware
Antivirus
Downloader
AntiDebug
AntiVM
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
1
192.3.176.141
11.2
25
ZeroCERT
12
2024-10-26 11:07
greatthingswithgoodnewsgivenby...
9dbf5ee2610284f5668fb229ba474b95
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
1
192.3.176.141
11.0
19
ZeroCERT
13
2024-10-24 11:16
sheisthebestcaseeveryoneknowbe...
1fd620bfc1434f416a86c5ab0ca98c41
Generic Malware
Antivirus
Downloader
AntiDebug
AntiVM
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
1
http://192.3.220.40/888/seebestthingswithgreatnewsgivenme.tIF
1
192.3.220.40 - mailcious
11.6
17
ZeroCERT
14
2024-10-24 11:14
seethebestthingsformygirlshegr...
fe8fc9b6f9e8aa88dd3c80ebe9c4f872
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
1
http://192.3.220.40/666/newthingsforeveryonetogetforgreatthingstobe.tIF
1
192.3.220.40 - mailcious
11.8
25
ZeroCERT
15
2024-10-24 11:07
evil.hta
bbef4076e21551ff83395d537239ab87
PE File
VirusTotal
Malware
Check memory
Creates executable files
RWX flags setting
unpack itself
2.4
32
ZeroCERT
Total : 722cnts