Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-10-09 13:01
docii.exe
1590a3efb4a143305e7182fbd284a414
.NET framework(MSIL)
UPX
Anti_VM
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
ComputerName
4.0
M
42
ZeroCERT
2
2022-04-07 11:02
Quote#0023.exe
08de95692eaf98ddd417248d7f2ebe7b
RAT
PWS
.NET framework
DNS
AntiDebug
AntiVM
PE32
.NET EXE
PE File
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
human activity check
Windows
DNS
DDNS
4
Info
×
sys2021.linkpc.net(197.210.55.162)
216.250.250.94
197.210.55.162
31.210.20.25 - mailcious
1
Info
×
ET POLICY Observed DNS Query to DynDNS Domain (linkpc .net)
14.4
26
ZeroCERT
3
2022-04-07 11:00
Quote#0022.exe
b0cd0bc56c83837d045d7895de83839e
PWS[m]
PWS
Loki[b]
Loki.m
RAT
.NET framework
Generic Malware
task schedule
Antivirus
ScreenShot
DNS
KeyLogger
AntiDebug
AntiVM
PE32
.NET EXE
PE File
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
IP Check
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://ip-api.com/json/
3
Info
×
ip-api.com(208.95.112.1)
216.250.250.94
208.95.112.1
1
Info
×
ET POLICY External IP Lookup ip-api.com
14.0
28
ZeroCERT
4
2022-04-07 10:54
Quote#0021.exe
5074fa7923540e8487394b101ed73b93
PWS[m]
RAT
PWS
.NET framework
SMTP
KeyLogger
AntiDebug
AntiVM
PE32
.NET EXE
PE File
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
crashed
10.0
27
ZeroCERT
First
1
Last
Total : 4cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
