Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-10-19 10:49
himeffectivelyproress.exe
fa9494dcb5bd42e61e89231dfc8eb0da
Gen1
Emotet
Malicious Library
UPX
AntiDebug
AntiVM
PE File
PE64
CAB
PE32
.NET EXE
OS Processor Check
PNG Format
MSOffice File
JPEG Format
VirusTotal
Malware
AutoRuns
PDB
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates executable files
RWX flags setting
exploit crash
unpack itself
Windows utilities
Check virtual network interfaces
AppData folder
Tofsee
Windows
Exploit
Remote Code Execution
DNS
crashed
1
Keyword trend analysis
×
Info
×
http://104.194.128.170/svp/Ykwrxaauw.dat - rule_id: 37401
3
Info
×
iplogger.com(148.251.234.93) - mailcious
148.251.234.93 - mailcious
104.194.128.170 - mailcious
4
Info
×
ET INFO External IP Lookup Domain (iplogger .com in DNS lookup)
ET INFO External IP Lookup Domain (iplogger .com in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
1
Info
×
http://104.194.128.170/svp/Ykwrxaauw.dat
10.2
M
22
ZeroCERT
2
2023-10-08 18:34
opportunitytoolprer.exe
dfacf11cff37d089fdb939534d1680e3
Gen1
Emotet
Malicious Library
PE File
PE64
CAB
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Check virtual network interfaces
Windows
ComputerName
Remote Code Execution
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://172.86.98.101/xs12pro/Qqiurpxnu.mp3
1
Info
×
172.86.98.101
8.2
M
43
ZeroCERT
3
2021-10-11 10:20
lv.exe
4db7eb28029846ea78925a192dd837ae
Gen1
Gen2
Generic Malware
Themida Packer
Malicious Library
Admin Tool (Sysinternals etc ...)
Anti_VM
Malicious Packer
PE File
PE32
DLL
PE64
VirusTotal
Malware
Check memory
Creates executable files
unpack itself
Checks Bios
Detects VMWare
AppData folder
VMware
anti-virtualization
Windows
Firmware
crashed
6.8
M
35
ZeroCERT
First
1
Last
Total : 3cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword