Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2021-10-21 18:19
file.exe
201e9ae321377c18400c09ff75c9aee6
Gen2
Gen1
Generic Malware
Malicious Library
UPX
Anti_VM
DNS
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
sandbox evasion
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
2
newme122.3utilities.com(23.105.131.228) - mailcious
23.105.131.228 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.3utilities .com
13.2
29
ZeroCERT
2
2021-10-19 09:31
WERTYU345678ertyuiSDF34.exe
70cb56c6c5c12806d8ab9ec9cb9f9721
Gen2
Gen1
Generic Malware
Malicious Library
UPX
DNS
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
sandbox evasion
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
2
ezeani.duckdns.org(194.5.98.48) - mailcious
194.5.98.48 - mailcious
1
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
17.0
36
ZeroCERT
3
2021-10-16 12:55
SB_09837635673-309873653673.ex...
91f4fb77450caf87383a80bca76af4b9
Gen2
Gen1
Generic Malware
Malicious Library
UPX
DNS
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
sandbox evasion
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
2
1116.hopto.org(185.140.53.9) - mailcious
185.140.53.9 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.hopto .org
16.4
33
ZeroCERT
4
2021-10-16 12:53
ORIGINAL DOCUMENTS BL, C.I. & ...
a0747b376c17728fe2731e9e98d1b017
Gen2
Gen1
Generic Malware
Malicious Library
UPX
Anti_VM
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
Buffer PE
AutoRuns
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
suspicious process
sandbox evasion
Windows
Remote Code Execution
crashed
6.2
ZeroCERT
5
2021-10-16 12:45
New Order List & Specification...
39f59475d4b4672638a90ac2e475cd90
AgentTesla
browser
info stealer
Generic Malware
Google
Chrome
User Data
Malicious Library
UPX
Create Service
Socket
Code injection
Sniff Audio
KeyLogger
Escalate priviledges
Downloader
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
Buffer PE
AutoRuns
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
suspicious process
AppData folder
sandbox evasion
Windows
Remote Code Execution
DNS
DDNS
crashed
keylogger
2
mgc0147.hopto.org(194.5.98.158)
194.5.98.158
1
ET POLICY DNS Query to DynDNS Domain *.hopto .org
12.0
ZeroCERT
6
2021-10-16 12:42
KRSEL000005628644.PNG.scr
bd8f7a95d63891f57462cfa5b2179888
Gen2
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
DNS
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
2
strongodss.ddns.net(185.19.85.175) - mailcious
185.19.85.175 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
15.8
44
ZeroCERT
7
2021-10-14 16:50
IMG.00000201419.PNG.scr
664d73b23eddfcd0227786b9d0f5d022
Gen2
Gen1
Generic Malware
UPX
Malicious Library
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
3
strongodss.ddns.net(197.210.84.249) - mailcious
185.19.85.175 - mailcious
197.210.84.249
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
16.0
29
ZeroCERT
8
2021-10-14 16:50
KRSEL0000056286.JPG.scr
d6f040b4d7d217b8525dff843feba635
Gen2
Gen1
Generic Malware
UPX
Malicious Library
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
Remote Code Execution
crashed
13.2
43
ZeroCERT
9
2021-10-14 15:38
Documents.exe
c2f9ae069b620080b761d9280473e7aa
Gen2
Gen1
Generic Malware
UPX
Malicious Library
Malicious Packer
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows
Remote Code Execution
crashed
5.4
M
32
ZeroCERT
10
2021-10-14 15:37
asdERTYgh56F.exe
b866823e1f8f4a52376bd108c457dd78
Gen2
Gen1
Generic Malware
UPX
Malicious Library
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
sandbox evasion
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
2
ezeani.duckdns.org(194.5.98.48)
194.5.98.48
1
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
16.4
M
36
ZeroCERT
11
2021-10-12 18:44
TRF08359668902.JPG.scr
b115228fe5e180f505c081aa829c1a86
Generic Malware
Malicious Library
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Remote Code Execution
crashed
11.6
ZeroCERT
12
2021-10-12 10:56
AMC P.O1082021.JPG.scr
9a4a8643db95a8c0fe52af8675a5d1b1
Generic Malware
Malicious Library
Malicious Packer
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
2
strongodss.ddns.net(185.19.85.175) - mailcious
185.19.85.175 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
14.6
35
ZeroCERT
13
2021-10-12 09:30
SRE2021.34935374.JPG.scr
dd663bb6a23cd47928fcd9e34ddb98e3
Generic Malware
Malicious Library
Malicious Packer
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
3
strongodss.ddns.net(197.210.79.200) - mailcious
197.210.79.200
185.19.85.175 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
16.2
34
ZeroCERT
14
2021-10-12 09:27
ORL49357390844.JPG.scr
d8abec927aa5885f549ad9c5d83e09c3
Generic Malware
Malicious Library
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows
Remote Code Execution
crashed
5.6
44
ZeroCERT
15
2021-10-12 09:26
AMC P.O1082021.jpg.scr
6a4e9c8b6e38bab16622b8d26164b3fd
Generic Malware
Malicious Library
Malicious Packer
DNS
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
human activity check
Windows
ComputerName
Remote Code Execution
DNS
DDNS
crashed
3
strongodss.ddns.net(197.210.79.200) - mailcious
197.210.79.200
185.19.85.175 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
17.4
45
ZeroCERT
Total : 20cnts