2020-06-10
Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
3301
2025-01-10 12:00
123.exe
29fd97e2ce44268ccac3ebc2bd8ed78c
Malicious Packer
UPX
PE File
PE32
VirusTotal
Malware
unpack itself
DNS
1
47.90.142.15 - mailcious
4.0
M
60
ZeroCERT
3302
2025-01-10 11:56
nemesis.dll
388c74339a2511c9d12340a0969a49a6
Malicious Library
Downloader
UPX
PE File
DLL
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.2
M
19
ZeroCERT
3303
2025-01-10 11:56
payload.exe
483563460e53715c6c0a8aeadd85b885
Malicious Packer
UPX
PE File
PE32
VirusTotal
Malware
unpack itself
DNS
1
18.209.65.151
3.6
M
66
ZeroCERT
3304
2025-01-10 11:56
chrtrome22.exe
ae96b1fb65498cdf458a52bc197466a5
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
2.2
M
43
ZeroCERT
3305
2025-01-09 12:20
Fixer.exe
2acda1f917022e9e8081ad69b15330c6
RedLine stealer
RedlineStealer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
89.23.97.121 -
3.8
59
ZeroCERT
3306
2025-01-09 12:18
build1.exe
24b1454141362b9675b17e9d779c5c93
RedLine Infostealer
RedLine stealer
RedlineStealer
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
Check virtual network interfaces
installed browsers check
Tofsee
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
2
http://77.90.22.45:15352/
https://api.ip.sb/geoip
3
api.ip.sb(172.67.75.172) -
104.26.13.31 -
77.90.22.45 -
4
ET MALWARE RedLine Stealer - CheckConnect Response
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
SURICATA HTTP unable to match response to request
ET MALWARE Win32/LeftHook Stealer Browser Extension Config Inbound
7.4
64
ZeroCERT
3307
2025-01-09 10:48
recoder-ori.exe
aaf9dfee455084282455cd46f0a4ac2a
PE File
PE32
VirusTotal
Malware
0.4
1
guest
3308
2025-01-08 13:51
same.exe
09bfd52dfee36db96073d2340182affc
Gen1
Emotet
Themida
Malicious Library
UPX
Anti_VM
PE File
CAB
PE32
OS Processor Check
VirusTotal
Malware
AutoRuns
PDB
Checks debugger
Creates executable files
unpack itself
Checks Bios
Detects VMWare
AppData folder
AntiVM_Disk
VMware
anti-virtualization
VM Disk Size Check
Windows
RCE
DNS
crashed
2
185.215.113.206
185.215.113.43 - mailcious
11.2
42
ZeroCERT
3309
2025-01-08 13:51
sspicli.dll
109ff3fb0cefd81e8073175171cb3b4b
Generic Malware
Malicious Library
UPX
PE File
DLL
PE64
OS Processor Check
Checks debugger
Windows utilities
Windows
1.2
ZeroCERT
3310
2025-01-08 13:50
test.exe
21945c46e3b1ee896e07ae397a884856
Malicious Library
Malicious Packer
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
Browser Info Stealer
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
IP Check
Windows
Browser
ComputerName
DNS
Cryptographic key
1
ip-api.com(208.95.112.1)
1
ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com)
4.2
51
ZeroCERT
3311
2025-01-08 13:48
none.exe
c2e8e44c11c1001f4072f7733187351c
Gen1
Emotet
Themida
Malicious Library
UPX
Anti_VM
PE File
CAB
PE32
VirusTotal
Malware
AutoRuns
PDB
Checks debugger
Creates executable files
unpack itself
Checks Bios
Detects VMWare
AppData folder
AntiVM_Disk
VMware
anti-virtualization
VM Disk Size Check
Windows
RCE
DNS
crashed
2
185.215.113.206
185.215.113.43 - mailcious
11.0
39
ZeroCERT
3312
2025-01-08 13:47
LummaC2.exe
e05271b0cfba06ea6333a1f006edd129
UPX
PE File
PE32
VirusTotal
Malware
1.2
51
ZeroCERT
3313
2025-01-08 13:46
uu.exe
d92b40747b5d7d55af91583f44f23fd9
Malicious Library
Malicious Packer
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
IP Check
DNS
DoTNet
4
api.ipify.org(104.26.13.205)
freegeoip.net(3.33.130.190)
ip-api.com(208.95.112.1)
217.195.197.170
3
ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com)
ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
ET INFO External IP Lookup Domain (freegeiop .net in DNS lookup)
3.2
60
ZeroCERT
3314
2025-01-08 13:46
Crawl.exe
2d2c7ee748d941798466b19b53da88bb
Generic Malware
Malicious Library
Antivirus
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Windows utilities
Windows
ComputerName
crashed
3.0
47
ZeroCERT
3315
2025-01-08 13:46
TEST.exe
3435dfbbe9e1fb098036afcd7b7e0d32
Malicious Library
PE File
PE64
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
2.2
40
ZeroCERT
Total : 53,320cnts