Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1696
2025-03-07 09:53
http://www.example.com
c4b8578d2354c38613669b1c82a08ccb
Generic Malware
PE File
PE64
VirusTotal
Cryptocurrency Miner
Malware
unpack itself
DNS
CoinMiner
1
1
4
rentry.org(164.132.58.105)
xmr-eu1.nanopool.org(162.19.224.121) - mailcious
51.89.23.91
164.132.58.105
2
ET POLICY Observed DNS Query to Coin Mining Domain (nanopool .org)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (CoinMiner)
2.0
M
56
ZeroCERT
1697
2025-03-07 09:52
setup4391.msi
cb07e30a581656a057cd4a4e2a0044b9
Generic Malware
Malicious Library
MSOffice File
CAB
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
1
http://iiwygwqqwksmqmuc.xyz:443/api/client_hello - rule_id: 44112
2
iiwygwqqwksmqmuc.xyz(31.192.232.23) - mailcious
31.192.232.23 - mailcious
1
http://iiwygwqqwksmqmuc.xyz:443/api/client_hello
2.4
M
12
ZeroCERT
1698
2025-03-07 09:51
http://www.example.com
808b8a39ac157071793624303f8b1d05
RedLine Infostealer
RedLine stealer
Malicious Library
.NET framework(MSIL)
Confuser .NET
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
1
2
1
195.3.223.35
3.8
M
57
ZeroCERT
1699
2025-03-07 09:50
http://www.example.com
40ca1ead3549731f411d3245b59f9c7b
Malicious Library
.NET framework(MSIL)
Malicious Packer
Antivirus
UPX
PE File
.NET EXE
PE32
OS Processor Check
Check memory
Checks debugger
unpack itself
1
1
2
1
www.example.com
0.8
M
ZeroCERT
1700
2025-03-07 09:50
http://www.example.com
8333cfbd03a35fc6a741b3d87d5cc24a
Gen1
Generic Malware
Malicious Library
UPX
PE File
PE64
OS Processor Check
DLL
ZIP Format
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
1
1
2
1
www.example.com
2.4
M
45
ZeroCERT
1701
2025-03-07 09:50
http://www.example.com
001d7acad697c62d8a2bd742c4955c26
Emotet
Browser Login Data Stealer
Generic Malware
PhysicalDrive
Malicious Library
Malicious Packer
ASPack
UPX
Admin Tool (Sysinternals etc ...)
Antivirus
Anti_VM
PE File
CAB
PE32
OS Processor Check
DLL
ftp
MZP Format
VirusTotal
Malware
PDB
Checks debugger
Creates executable files
unpack itself
installed browsers check
Browser
crashed
1
1
2
1
www.example.com
4.0
M
42
ZeroCERT
1702
2025-03-07 09:49
widsmob_denoise_win.exe
43af2a37dfe23f1aa1f2a55bb3a39e68
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DllRegisterServer
dll
PE32
OS Processor Check
VirusTotal
Malware
2.4
M
54
ZeroCERT
1703
2025-03-07 09:48
http://www.example.com
4f7273dca13701d402588b2c2aeafd1b
Gen1
Emotet
Generic Malware
Malicious Library
UPX
Malicious Packer
PE File
PE64
OS Processor Check
DLL
DllRegisterServer
dll
ZIP Format
Malware
Check memory
Checks debugger
Creates executable files
Ransomware
1
1
2
1
www.example.com
1.6
M
ZeroCERT
1704
2025-03-07 09:47
random.exe
4ae8af6fba92e19af09d19070b33c7c2
CryptBot
Themida
UPX
Anti_VM
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
buffers extracted
unpack itself
Checks Bios
Collect installed applications
Detects VMWare
Check virtual network interfaces
AntiVM_Disk
suspicious TLD
sandbox evasion
VMware
anti-virtualization
VM Disk Size Check
installed browsers check
Windows
Browser
DNS
crashed
3
httpbin.org(44.196.147.43)
home.fivenn5sr.top()
44.205.219.248
1
ET DNS Query to a *.top domain - Likely Hostile
9.2
M
58
ZeroCERT
1705
2025-03-07 09:45
client.exe
9d18a8c42b2137d30b0a637048a73531
Gen1
Generic Malware
Malicious Library
UPX
Anti_VM
PE File
PE64
OS Processor Check
DLL
ZIP Format
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
2.8
M
35
ZeroCERT
1706
2025-03-06 12:20
VERSION_2.DLL
66e8096b9b061550314a82654ce0fabd
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE32
OS Processor Check
VirusTotal
Malware
Checks debugger
unpack itself
1.8
26
ZeroCERT
1707
2025-03-06 11:21
VERSION_2.DLL
66e8096b9b061550314a82654ce0fabd
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE32
OS Processor Check
Browser Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
installed browsers check
Tofsee
Browser
Email
crashed
1
https://review.accountprotection.info/upload
4
review.accountprotection.info(172.67.173.157)
github.com(20.200.245.247) - mailcious
20.200.245.247 - malware
172.67.173.157
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
6.2
26
ZeroCERT
1708
2025-03-06 11:20
VERSION_2.DLL
66e8096b9b061550314a82654ce0fabd
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE32
OS Processor Check
Browser Info Stealer
VirusTotal
Malware
Check memory
Checks debugger
buffers extracted
unpack itself
installed browsers check
Tofsee
Browser
4
review.accountprotection.info(104.21.96.63)
github.com(20.200.245.247) - mailcious
104.21.96.63
20.200.245.247 - malware
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
26
ZeroCERT
1709
2025-03-06 11:18
VERSION.DLL
9e94126e8a26efd10b2a5b179d64be90
Malicious Library
UPX
PE File
DLL
PE32
OS Processor Check
VirusTotal
Malware
PDB
Code Injection
Check memory
Checks debugger
unpack itself
Windows utilities
WriteConsoleW
Windows
RCE
4.8
46
ZeroCERT
1710
2025-03-06 11:18
Client.exe
71d5270d1a165bb6dec144e16089450d
Malicious Library
.NET framework(MSIL)
Confuser .NET
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.6
53
ZeroCERT
Total : 53,369cnts