Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
2026
2024-07-22 12:22
CrowdStrike.exe
755c0350038daefb29b888b6f8739e81
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
6.8
23
ZeroCERT
2027
2024-07-22 11:28
archcw.ps1
d5fb489e2165e7091c7bd8a9852670be
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
Check memory
Creates executable files
unpack itself
Windows utilities
AppData folder
WriteConsoleW
Windows
Cryptographic key
crashed
4.0
M
1
ZeroCERT
2028
2024-07-22 11:26
AnyClesk.ps1
36b6376a1763c4751be6f698b6bf2ce9
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
Buffer PE
Check memory
buffers extracted
Creates executable files
unpack itself
Windows utilities
AppData folder
WriteConsoleW
Windows
Cryptographic key
5.0
M
11
ZeroCERT
2029
2024-07-22 11:24
Web-Source-2.exe
017fe34b7a5a976740fb655f2a6e626d
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.0
M
59
ZeroCERT
2030
2024-07-22 11:23
CrowdStrike.exe
755c0350038daefb29b888b6f8739e81
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
6.0
23
ZeroCERT
2031
2024-07-22 11:23
Oxdmnmj-OLD-3.pif
7f8b6cd2d698880ab241c94d3b2ffc66
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
4.8
M
61
ZeroCERT
2032
2024-07-22 11:22
cred.dll
765ad3b71d73ed1ae9e4fb004876837e
Amadey
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE32
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
powershell
suspicious privilege
MachineGuid
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
Software
1
http://185.196.8.126/h9fmdW7/index.php - rule_id: 41249
1
185.196.8.126 - malware
1
http://185.196.8.126/h9fmdW7/index.php
10.0
M
56
ZeroCERT
2033
2024-07-22 11:20
Systray.ps1
628dd8d3aef4624a70735ca05cd4d2ed
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
Buffer PE
Check memory
buffers extracted
Creates executable files
unpack itself
Windows utilities
AppData folder
WriteConsoleW
Windows
Cryptographic key
5.0
M
12
ZeroCERT
2034
2024-07-22 11:20
arch.ps1
0427dd4115ad876e9f188d808022d190
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
Buffer PE
AutoRuns
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
Cryptographic key
9.8
M
3
ZeroCERT
2035
2024-07-22 11:18
Nyexjpw-TORRENTOLD.pif
f309fc0fa9fe3fa240901a71700ae650
Generic Malware
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
6.0
M
57
ZeroCERT
2036
2024-07-22 11:18
CyptpaSPOOFER-3.exe
568785aab4859695ba4937361569b23e
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.4
57
ZeroCERT
2037
2024-07-22 11:16
CyptpaSPOOFER-2.exe
e60b4a9e303e2defab24d4566a58dddb
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
4.8
M
62
ZeroCERT
2038
2024-07-22 11:15
Mfceum-4.pif
2ca5492f9dbcdaab3facf1768cae5c6d
PE File
PE64
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
2.6
M
49
ZeroCERT
2039
2024-07-22 11:14
setup.exe
37a7d7b85bfa476e27f2c32666072fc5
Malicious Library
PE File
PE32
VirusTotal
Malware
Checks debugger
WMI
Creates executable files
RWX flags setting
unpack itself
Checks Bios
anti-virtualization
ComputerName
4.6
M
37
ZeroCERT
2040
2024-07-22 11:13
Oxdmnmj-OLD-2.pif
414dc5eb0c47614a9992cb197e7c2629
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.4
M
62
ZeroCERT
Total : 48,231cnts