Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
2266
2024-07-14 17:56
1.exe
2b292145e4ec28e8bd8b22c1353543d1
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.2
M
34
ZeroCERT
2267
2024-07-14 17:56
Q-backup.exe
55f03bade4a94d05b69e40b38b8554ae
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
ComputerName
Cryptographic key
3.2
M
59
ZeroCERT
2268
2024-07-14 17:54
Microsoft_Service.exe
1644c4839846a1b6524e38071528a564
Malicious Library
Malicious Packer
Antivirus
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
63
ZeroCERT
2269
2024-07-14 17:53
Ndhqvdmn-1.exe
db361206702d61f0beff5f87508152e5
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.4
M
57
ZeroCERT
2270
2024-07-14 17:52
random.exe
233ea23b1c1587f1cf895f08ba6da10b
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.4
M
61
ZeroCERT
2271
2024-07-14 17:52
random.dll
0693990c67e447b84f9055a43cf88974
Malicious Library
PE File
DLL
PE32
VirusTotal
Malware
unpack itself
1.4
M
19
ZeroCERT
2272
2024-07-14 17:49
TG-Source-2.exe
6cdd7805c45cd8fe70d7ed669060d53c
Generic Malware
Malicious Library
.NET framework(MSIL)
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
4.4
M
58
ZeroCERT
2273
2024-07-14 17:49
overlay2.exe
276c27a0dde03ec7a01d2ae077a1ec0d
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
ComputerName
Cryptographic key
3.2
M
62
ZeroCERT
2274
2024-07-14 17:47
build16666.exe
4640faeafa95ce219c649e9f5cbffd75
Generic Malware
Malicious Library
PE File
PE64
VirusTotal
Malware
Check memory
unpack itself
1.8
M
53
ZeroCERT
2275
2024-07-14 17:47
availableresearchpro.exe
73e3c089e5e10d52872ee4f434bd6d23
Gen1
Emotet
Malicious Library
UPX
Malicious Packer
.NET framework(MSIL)
PE File
PE64
CAB
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
PDB
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
Windows
ComputerName
Remote Code Execution
5.0
M
51
ZeroCERT
2276
2024-07-14 17:45
random.dll
f2c158f71dec27759a60227b449e848a
Malicious Library
PE File
DLL
PE32
VirusTotal
Malware
unpack itself
1.4
M
19
ZeroCERT
2277
2024-07-14 17:45
Trkyzwvg-TG-A.exe
2e12b69ae7aa5d931a6aa3bf554071df
Generic Malware
.NET framework(MSIL)
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.4
M
54
ZeroCERT
2278
2024-07-12 17:01
Sеtup.exe
56a5cb142c58843c3ed84e02d2af1a2c
Generic Malware
Admin Tool (Sysinternals etc ...)
UPX
PE File
PE32
Browser Info Stealer
VirusTotal
Malware
Malicious Traffic
Check memory
buffers extracted
unpack itself
Collect installed applications
suspicious TLD
anti-virtualization
installed browsers check
Browser
ComputerName
DNS
1
http://tzeight8vt.top/v1/upload.php
2
tzeight8vt.top(185.251.89.18)
185.251.89.18
2
ET DNS Query to a *.top domain - Likely Hostile
ET INFO HTTP Request to a *.top domain
6.6
45
ZeroCERT
2279
2024-07-12 16:26
Update.js
aec7249b3d61d42aec7e3723176b5fb5
VBScript
wscript.exe payload download
Tofsee
crashed
Dropper
1
https://trw.parish.chuathuongxot.org/orderReview
2
trw.parish.chuathuongxot.org(23.95.182.12)
23.95.182.12 - mailcious
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.0
guest
2280
2024-07-12 16:02
hm.hm.hm.hmhmhm.doc
84bafe55d9087cdfce20ebdd74b8610f
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
unpack itself
Tofsee
Exploit
DNS
crashed
3
http://139.99.220.222/55066/crosscheckrosefloweronhairbeauty.gIF
https://pastecode.dev/raw/6l7qjjrz/paste1.txt - rule_id: 41177
https://ia803405.us.archive.org/16/items/new_image_202406/new_image.jpg
5
pastecode.dev(172.66.43.27) - mailcious
ia803405.us.archive.org(207.241.232.195) - mailcious
207.241.232.195 - mailcious
172.66.43.27 - mailcious
139.99.220.222 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1
https://pastecode.dev/raw/6l7qjjrz/paste1.txt
4.6
M
33
ZeroCERT
Total : 48,289cnts