Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
2551
2025-01-24 14:03
RDriver.exe
d447549e7c608504091e47ef709a5998
Generic Malware
Malicious Library
Downloader
Antivirus
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
powershell
PDB
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
2
Info
×
github.com(20.200.245.247) -
20.200.245.247 -
5.4
40
ZeroCERT
2552
2025-01-24 14:03
nicethingsareworkingwithgreatt...
d117eda2dd1980d9fec5fff46bac6a5b
Generic Malware
Downloader
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://198.46.178.132/333/nicegirlfriendvideoentiretimeonbestthingstobe.gIF
1
Info
×
198.46.178.132 -
10.0
28
ZeroCERT
2553
2025-01-24 14:01
niceworkingskillgivenbetterway...
e5dec8c463870f72ec318ad1f48f344c
Generic Malware
Downloader
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://192.210.215.7/78/nicebetterwayforeveryonetounderstandthekissingpowerofthegirl.gIF
1
Info
×
192.210.215.7 -
10.6
29
ZeroCERT
2554
2025-01-24 14:00
SDriver.exe
8100147541b6550b248cc9f49c443605
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DllRegisterServer
dll
PE32
OS Processor Check
VirusTotal
Malware
1.4
49
ZeroCERT
2555
2025-01-24 13:59
helps.hta
407c9a93188dc7088e19d688a589c8c5
UPX
PE File
PE32
VirusTotal
Malware
AutoRuns
sandbox evasion
Windows
RCE
2
Info
×
idc6.yjzj.org(122.114.69.29) -
122.114.69.29 -
5.6
60
ZeroCERT
2556
2025-01-24 13:58
villain.ps1
74d44231ab81164d658199884f1fe041
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.2
7
ZeroCERT
2557
2025-01-24 13:58
e.exe
8461e97514f42d93dccb4ec7f7100453
Browser Login Data Stealer
Generic Malware
Malicious Library
Downloader
Malicious Packer
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
Windows
keylogger
4
Info
×
amalar.camdvr.org(144.126.142.189) -
prosir.casacam.net() -
stopeet.camdvr.org(144.126.142.189) -
144.126.142.189 -
3.4
63
ZeroCERT
2558
2025-01-24 13:57
unins000.exe
e94affb98148fc4e0cfb9a486bb37160
Generic Malware
Malicious Library
Malicious Packer
Admin Tool (Sysinternals etc ...)
UPX
PE File
PE32
MZP Format
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
3.0
33
ZeroCERT
2559
2025-01-24 08:40
Screenshot_20250124_095417_Set...
691df5f4110177c419cdf182818d64fd
JPEG Format
guest
2560
2025-01-23 18:45
99999.exe
cd49dea59efe62d7288c76280c38f134
Generic Malware
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
AppData folder
WriteConsoleW
Creates autorun.inf
human activity check
Windows
6.2
M
58
ZeroCERT
2561
2025-01-23 18:41
22.exe
448478c46fe0884972f0047c26da0935
Browser Login Data Stealer
Generic Malware
Malicious Library
Downloader
Malicious Packer
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
Windows
DNS
DDNS
keylogger
9
Info
×
dash1.3utilities.com() - mailcious
bash.mywire.org(192.188.88.248)
dash2.ddns.net()
dash.3utilities.com() - mailcious
bash1.accesscam.org(192.188.88.248)
dash4.ddns.net()
bash2.accesscam.org(192.188.88.248)
dash3.ddns.net()
192.188.88.248
4.4
M
63
ZeroCERT
2562
2025-01-23 18:39
discordupdate.exe
25befffc195ce47401f74afbe942f3ff
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
59
ZeroCERT
2563
2025-01-23 18:34
eaf175ea-4567-44d0-ba47-1c6686...
0b9c6adaad6b250ad72923c2014b44b0
Malicious Library
Malicious Packer
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
DNS
DDNS
3
Info
×
sulfux.ddns.net(90.113.179.93)
90.113.178.145
90.113.179.93
11.4
M
61
ZeroCERT
2564
2025-01-23 18:32
update.exe
a47e4a0f261c300fb4b350ba21702cdf
RedLine stealer
Antivirus
ScreenShot
PWS
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
ICMP traffic
unpack itself
Windows
DNS
Cryptographic key
2
Info
×
80.76.51.171
185.215.113.22 - malware
11.6
M
53
ZeroCERT
2565
2025-01-23 18:30
Remittance_form.exe
b10bc7e9b22158fcf311a4ad0435d7f5
njRAT
backdoor
Generic Malware
Malicious Library
Antivirus
UPX
PE File
MSOffice File
CAB
PE32
OS Name Check
OS Processor Check
DLL
VirusTotal
Malware
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
RCE
Cryptographic key
crashed
2
Info
×
deskchir.com(80.76.51.171)
80.76.51.171
5.4
M
17
ZeroCERT
First
Previous
171
172
173
174
175
176
177
178
179
180
Next
Last
Total : 53,690cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
