Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-12-10 18:04
CtFOJ2betk-ANLZNAABGmXYUiss28....
948ad0231079da857c9ae125b798b9ba
Word 2007 file format(docx)
ZIP Format
unpack itself
1.2
guest
2
2024-12-10 16:53
CtFOJ2betk-ANLZNAABGmXYUiss28....
948ad0231079da857c9ae125b798b9ba
Word 2007 file format(docx)
ZIP Format
unpack itself
1.2
guest
3
2024-11-26 09:56
docx003.docx
03c5b2ed5ee3d2e881c7a2e2cfc64114
VBA_macro
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
RWX flags setting
2.6
38
ZeroCERT
4
2024-11-26 09:53
docx005.docx
6d3b90b7d6da1af9cd77b1a348c3e1a7
VBA_macro
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
2.2
38
ZeroCERT
5
2024-11-26 09:51
docx006.docx
ed76eb774c6db599f8ad50d4489e3c31
VBA_macro
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
RWX flags setting
2.6
38
ZeroCERT
6
2024-11-26 09:51
docx007.docx
1f9d2be9980612244c80cbe9767d44e6
VBA_macro
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
2.2
34
ZeroCERT
7
2024-11-07 13:06
Join%20Our%20Team%20as%20a%20P...
65d4be8afc700f773c79a0d89da13ec5
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
RWX flags setting
exploit crash
Exploit
crashed
2.2
8
ZeroCERT
8
2024-09-04 18:03
강연의뢰서.docx
108180eaed0fe88ebb3cbc783fce110a
Word 2007 file format(docx)
ZIP Format
unpack itself
1.2
ZeroCERT
9
2024-08-18 06:48
Feliz natal.docx
7ecabc55cb0e6b0893102fb1d368b34e
Word 2007 file format(docx)
ZIP Format
Vulnerability
unpack itself
1.8
guest
10
2024-08-16 18:20
Doc1.docm
0fee354732496cdbdb4e78ecb218a81a
VBA_macro
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
unpack itself
Windows utilities
Windows
1
Keyword trend analysis
×
Info
×
https://gitlab.com/DemoTrojan/real/-/raw/main/check.bat
2
Info
×
gitlab.com(172.65.251.78) - malware
172.65.251.78 - malware
4.8
17
ZeroCERT
11
2024-08-14 17:24
Cewl.docx
b759e1004fc15c30e1b8c7085a2ef9f6
Word 2007 file format(docx)
ZIP Format
Vulnerability
unpack itself
1.8
ZeroCERT
12
2024-07-29 17:16
payload.docm
840a3a122c7e418626500dd39ae492dc
VBA_macro
Doc XML Downloader
Word 2007 file format(docx)
ZIP Format
VirusTotal
Malware
exploit crash
unpack itself
Exploit
crashed
2
Keyword trend analysis
×
Info
×
https://ciphercall.net/payload/repo/tgreport/tgmes.ps1
https://bitbucket.org/bypass_workers/main/raw/c3291e02cef4015bdeb6d1e8d6bb23f56afa7afe/init.ps1
2.8
19
ZeroCERT
13
2024-07-23 09:05
New_Recovery_Tool_to_help_with...
dd2100dfa067caae416b885637adc4ef
VBA_macro
Generic Malware
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Word 2007 file format(docx)
ZIP Fo
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
crashed
1
Keyword trend analysis
×
Info
×
http://172.104.160.126:8099/payload2.txt
7.8
33
ZeroCERT
14
2024-07-18 10:54
4c12d617aa51bb0c0108242da6aa00...
4c12d617aa51bb0c0108242da6aa0071
VBA_macro
Word 2007 file format(docx)
ZIP Format
Vulnerability
VirusTotal
Malware
unpack itself
suspicious process
WriteConsoleW
1
Keyword trend analysis
×
Info
×
http://koreaillmin.mypressonline.com/file/upload/list.php?query=1
5.6
25
ZeroCERT
15
2024-07-18 10:54
7ebfba0b98c135481c14db1c2f2da4...
7ebfba0b98c135481c14db1c2f2da484
VBA_macro
AntiDebug
AntiVM
Word 2007 file format(docx)
ZIP Format
Lnk Format
GIF Format
VirusTotal
Malware
VBScript
Code Injection
Check memory
wscript.exe payload download
Creates shortcut
Creates executable files
exploit crash
unpack itself
suspicious process
Exploit
DNS
crashed
Dropper
1
Keyword trend analysis
×
Info
×
http://koreaillmin.mypressonline.com/file/upload/list.php?query=1
2
Info
×
koreaillmin.mypressonline.com(185.176.43.98)
185.176.43.98 - mailcious
1
Info
×
ET INFO Observed Free Hosting Domain (mypressonline .com) in DNS Lookup
10.0
23
ZeroCERT
First
1
2
3
4
5
6
7
8
9
10
Next
Last
Total : 364cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword