Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1531
2024-08-06 09:23
rightpeoplesaroundtheworldwith...
4442ee3018575b65e1fb7c9c5c72ce70
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
1
http://45.90.89.50/90/extrasmilesgivenbygirlflowersonhari.gIF
3
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
45.90.89.50 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.8
M
41
ZeroCERT
1532
2024-08-06 09:23
nsp.exe
9602cbee90958711bfd9c1b8efcf04f0
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
DNS
1
5.104.84.79
1.2
M
5
ZeroCERT
1533
2024-08-06 09:21
3535.exe
fecb3521d2574fbadbe42baa640e1dee
ScreenShot
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
6.8
M
56
ZeroCERT
1534
2024-08-06 09:21
svchost.exe
eb7eb5acecb06deab2b4fce875d6c079
PE File
PE64
Malware download
VirusTotal
Cryptocurrency Miner
Malware
Cryptocurrency
Malicious Traffic
DNS
SilentCryptoMiner
1
http://185.196.9.187/api/endpoint.php
3
gulf.moneroocean.stream(5.104.84.79) - mailcious
185.196.9.187 - malware
5.104.84.79
3
ET DROP Spamhaus DROP Listed Traffic Inbound group 33
ET POLICY Cryptocurrency Miner Checkin
ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request
3.2
M
58
ZeroCERT
1535
2024-08-06 09:19
%2477taskhostw.exe
2513e26d91a03e8fbcbfd8c3f4f11f80
PE File
PE64
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
3.6
52
ZeroCERT
1536
2024-08-06 09:18
555.exe
9c35f1315cb51f68e401d53196daaf8b
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
WMI
RWX flags setting
unpack itself
ComputerName
crashed
1
amx155.xyz()
3.8
M
66
ZeroCERT
1537
2024-08-06 09:17
serv.exe
d2901c7724d3a55d168f10f21b9e7393
PE File
PE64
VirusTotal
Malware
1.6
M
30
ZeroCERT
1538
2024-08-06 09:16
autoupdate.exe
0c6e9d70bef24a7bfacfb744e4cd3368
CoinMiner
Malicious Library
Antivirus
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
0.6
9
ZeroCERT
1539
2024-08-06 09:14
nc.exe
04915e73e6b6d161b573c86b8c3c030d
PE File
PE32
VirusTotal
Malware
unpack itself
WriteConsoleW
crashed
2.6
55
ZeroCERT
1540
2024-08-06 09:14
Install.exe
59d3bc9ca446bf4fcce3a93cdbce134a
Malicious Library
UPX
PE File
PE32
VirusTotal
Malware
1.2
M
59
ZeroCERT
1541
2024-08-06 09:13
kkkk.exe
95a0d897b91d497a0ca545c9ef3d2c37
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
malicious URLs
sandbox evasion
WriteConsoleW
Windows
ComputerName
6.4
M
4
ZeroCERT
1542
2024-08-06 09:12
systems.exe
168fd1d2a0af4fdaa019f351fd03204d
Generic Malware
Malicious Library
UPX
PE File
PE64
OS Processor Check
FTP Client Info Stealer
VirusTotal
Malware
Software
1.2
M
2
ZeroCERT
1543
2024-08-06 09:10
skx111.exe
6ba2c54c1555fb526e9ea5b55811646a
Malicious Library
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
crashed
8.6
28
ZeroCERT
1544
2024-08-06 09:10
madamwebwin7MPDW-constraints.v...
d16a594241bdd18814c7c8f184a02210
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
2
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
3
ZeroCERT
1545
2024-08-05 16:27
demo.exe
edf60741d8f0f84ac05c3c3abe96f531
UPX
PE File
PE64
VirusTotal
Malware
unpack itself
DNS
crashed
1
152.136.159.25 - malware
4.0
M
50
r0d
Total : 48,230cnts