Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1516
2024-08-06 09:41
l.exe
5075f994390f9738e8e69f4de09debe6
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Anti_VM
PE File
PE64
OS Processor Check
DLL
ftp
ZIP Format
VirusTotal
Malware
Check memory
Creates executable files
2.4
47
ZeroCERT
1517
2024-08-06 09:40
%2477redline.exe
bcbcb79606c1833ccef6ca77a7535936
RedLine Infostealer
RedLine stealer
RedlineStealer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Windows
Cryptographic key
1
server.underground-cheat.xyz()
3.0
M
64
ZeroCERT
1518
2024-08-06 09:39
skx111.exe
cc0358385ac6807479ab8f5770569bce
Malicious Library
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
7.6
ZeroCERT
1519
2024-08-06 09:37
1.exe
c94b912d6522020372342c328fab4bc9
Generic Malware
Malicious Library
VMProtect
UPX
Malicious Packer
PE File
PE32
DLL
OS Processor Check
DllRegisterServer
dll
VirusTotal
Malware
Check memory
buffers extracted
Creates executable files
unpack itself
AppData folder
suspicious TLD
Browser
DNS
1
shs.oppein.top()
1
ET DNS Query to a *.top domain - Likely Hostile
5.6
M
28
ZeroCERT
1520
2024-08-06 09:36
public.dll
1e6e7fe9584055fc71294dc35a55241c
Generic Malware
Malicious Packer
UPX
PE File
DLL
PE64
OS Processor Check
VirusTotal
Malware
PDB
0.8
M
5
ZeroCERT
1521
2024-08-06 09:34
Update2.exe
5c1e986cb4d6283e6cc437c379b401c0
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
7.2
M
51
ZeroCERT
1522
2024-08-06 09:34
las.exe
85bad58c9f0f03e85e7989dc7fb3eafe
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
0.6
M
5
ZeroCERT
1523
2024-08-06 09:32
modernkissinggroupthinkiingmod...
1a9db080ee12ef6ff9d8eca0d47275f5
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
1
http://107.173.192.135/77/sweeethoneymoongirlfriendwithme.gIF
3
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
107.173.192.135 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.8
M
40
ZeroCERT
1524
2024-08-06 09:32
clsid.exe
ee38099063901e55eddc5d359f1b188a
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
.NET EXE
PE32
DLL
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
crashed
3.0
M
44
ZeroCERT
1525
2024-08-06 09:31
mtx111.exe
513309cb917af6e2f49b7afc4fbb5e42
Malicious Library
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
Buffer PE
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
Ransomware
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
Software
crashed
1
91.200.102.170
14.8
M
31
ZeroCERT
1526
2024-08-06 09:30
SHA256.exe
52eec7e5c2c820cc970b472e79fd2b39
ScreenShot
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
6.8
M
50
ZeroCERT
1527
2024-08-06 09:27
public.exe
099b959c7202e63afb435cb3bbbf25c8
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
crashed
1.0
M
4
ZeroCERT
1528
2024-08-06 09:27
12333.exe
2575fb6a535c5b03e282ed92151513ac
Generic Malware
Malicious Library
ASPack
UPX
DllRegisterServer
dll
PE File
PE32
OS Processor Check
DLL
VirusTotal
Malware
Creates executable files
unpack itself
AppData folder
Remote Code Execution
3.4
M
39
ZeroCERT
1529
2024-08-06 09:25
ann.dll
4d40d90f8bb645e5af06593608a1f21d
Generic Malware
Malicious Packer
UPX
PE File
DLL
PE64
OS Processor Check
VirusTotal
Malware
1.2
M
30
ZeroCERT
1530
2024-08-06 09:25
Install1.exe
1a7d1b5d24ba30c4d3d5502295ab5e89
Generic Malware
Malicious Library
Malicious Packer
PE File
PE32
VirusTotal
Malware
ComputerName
Remote Code Execution
3.2
M
66
ZeroCERT
Total : 48,230cnts