Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1666
2024-08-04 13:35
conhost.exe
f8c2769b1490e6eabeb8dd5faa8e6e70
Gen1
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
1.2
M
28
ZeroCERT
1667
2024-08-04 13:35
mimikatz.exe
640ff220dc517b6fda38e45fb575d47e
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
Check memory
WriteConsoleW
1.6
M
58
ZeroCERT
1668
2024-08-04 13:33
.lnk
ac9f282a9457797265cb5baf1dfafd54
Generic Malware
UPX
Antivirus
AntiDebug
AntiVM
Lnk Format
GIF Format
PE File
PE32
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
RWX flags setting
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Interception
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://149.51.230.198:5566/releaseform
1
Info
×
149.51.230.198 - malware
3
Info
×
ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
ET INFO EXE - Served Inline HTTP
8.8
M
24
ZeroCERT
1669
2024-08-04 13:33
wereallyneedthisgirlbacktomypl...
0a052f8d7d1dd625c750fe579d2c610c
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
1
Keyword trend analysis
×
Info
×
http://45.90.89.50/70/mycuteflowergirlsheisneedmetooget.gIF
3
Info
×
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
45.90.89.50 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
34
ZeroCERT
1670
2024-08-04 13:33
mimilib.dll
ddbd4a6269c999e0e32a2b523495ca39
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE64
OS Processor Check
VirusTotal
Malware
Checks debugger
unpack itself
crashed
2.0
M
50
ZeroCERT
1671
2024-08-04 13:30
1.exe
0b3e8cba9ade0b3aa878518d0152fa05
Generic Malware
Malicious Library
Anti_VM
PE File
PE32
VirusTotal
Malware
Checks debugger
RWX flags setting
unpack itself
Detects VMWare
VMware
DNS
crashed
1
Info
×
124.220.147.85 - malware
6.8
M
57
ZeroCERT
1672
2024-08-04 13:30
wow.exe
a09ccb37bd0798093033ba9a132f640f
Malicious Library
ASPack
PE File
PE32
CAB
MZP Format
DLL
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
AppData folder
2.4
12
ZeroCERT
1673
2024-08-04 13:28
Client-built.exe
31f02498a247da63ebb0cac0a727d73e
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
60
ZeroCERT
1674
2024-08-04 13:28
setup.exe
919cbed764792c6151de3dd43459d649
Generic Malware
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
Malicious Traffic
RWX flags setting
unpack itself
ComputerName
DNS
1
Keyword trend analysis
×
Info
×
https://47.96.143.9/jquery-3.3.1.min.js
1
Info
×
47.96.143.9
3.6
M
21
ZeroCERT
1675
2024-08-04 13:26
mimilib.dll
80b4e71fcf1d3e41c95e608ae8258dcd
Malicious Packer
PE File
DLL
PE64
VirusTotal
Malware
Checks debugger
DNS
crashed
1
Info
×
111.231.145.137 - malware
2.2
M
54
ZeroCERT
1676
2024-08-04 13:26
Invoice.exe
922a78d9c8741836247c4c417105713c
UPX
PE File
PE64
VirusTotal
Malware
2.6
M
51
ZeroCERT
1677
2024-08-04 13:24
%E6%A4%8D%E7%89%A9%E5%A4%A7%E6...
1ee9c13a407d148b737ec40fbc48b4d3
UPX
PE File
PE32
VirusTotal
Malware
suspicious privilege
Windows utilities
WriteConsoleW
Windows
DNS
2
Info
×
101.34.209.73 - malware
111.231.145.137 - malware
4.2
M
33
ZeroCERT
1678
2024-08-04 13:24
%E6%88%91%E7%9A%84%E4%B8%96%E7...
dc481056e65328f44e332a878d9e2064
UPX
PE File
PE64
VirusTotal
Malware
2.4
M
31
ZeroCERT
1679
2024-08-04 13:22
eee.exe
542b77100b79dda183359bfa3890e4bd
UPX
PE File
PE64
VirusTotal
Malware
suspicious privilege
Windows utilities
WriteConsoleW
Windows
DNS
1
Keyword trend analysis
×
Info
×
http://101.34.209.73:3232/ws
1
Info
×
101.34.209.73 - malware
3.8
M
20
ZeroCERT
1680
2024-08-04 13:22
a.exe
10193f6590742a4ddd1e5b4ce8743ab4
UPX
PE File
PE64
VirusTotal
Malware
2.4
M
31
ZeroCERT
First
Previous
111
112
113
114
115
116
117
118
119
120
Next
Last
Total : 48,230cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
