Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
346
2024-09-05 15:43
Meeting.sfx.exe
1a679e0ccedfb2c3b8ebaf8d9b22f96a
Generic Malware
Malicious Library
UPX
Malicious Packer
PE File
PE32
OS Processor Check
PNG Format
VirusTotal
Malware
PDB
Check memory
Creates executable files
RWX flags setting
unpack itself
AppData folder
Remote Code Execution
DNS
1
89.197.154.115
4.6
51
ZeroCERT
347
2024-09-05 15:43
UpdaterLOC.dll
16834e676f3c8e4de9435cefe2846b50
Swrort
Malicious Library
PE File
DLL
PE32
VirusTotal
Malware
1.2
55
ZeroCERT
348
2024-09-05 15:41
raccountinfo.exe
dcb295f480348248ee1ef163a5ba4df3
Gen1
Malicious Packer
UPX
AntiDebug
AntiVM
PE File
ftp
PE32
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
crashed
5.4
16
ZeroCERT
349
2024-09-05 15:41
Accounts.exe
ad29e0e7589772959ed632754b2d0ed5
Malicious Library
PE File
PE64
VirusTotal
Malware
RWX flags setting
DNS
crashed
1
89.197.154.115
3
SURICATA TLS invalid record type
SURICATA TLS invalid record/traffic
SURICATA Applayer Detect protocol only one direction
2.4
59
ZeroCERT
350
2024-09-05 15:28
data64_6.exe
87953bdf18ba88061cf28ad17116b56f
Generic Malware
Malicious Library
UPX
Downloader
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
DLL
MZP Format
VirusTotal
Malware
PDB
Code Injection
unpack itself
suspicious process
AppData folder
Remote Code Execution
4.4
M
42
guest
351
2024-09-05 11:08
R.exe
fb3065fb8f756f9ccca0ef035ddb0f0d
Gen1
Generic Malware
Malicious Library
UPX
ASPack
Antivirus
Anti_VM
PE File
.NET EXE
PE32
DLL
PE64
OS Processor Check
ZIP Format
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
Cryptographic key
6.6
58
ZeroCERT
352
2024-09-05 11:07
XWORM-V5.4.exe
741b1f2ee5826897af2ba2ec765296e4
Formbook
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
.NET framework(MSIL)
UPX
Antivirus
Anti_VM
PE File
.NET EXE
PE32
OS Processor Check
DLL
PE64
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
Cryptographic key
5.4
ZeroCERT
353
2024-09-05 11:05
sd2.ps1
25d2ac4189bd84f9d88528ed3c26d6fe
Generic Malware
Antivirus
Malware
powershell
Malicious Traffic
Check memory
unpack itself
Check virtual network interfaces
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
2
http://79.124.78.197/index.php?id=&subid=qIOuKk7U - rule_id: 42517
http://79.124.78.197/index.php?id=&subid=qIOuKk7U
1
79.124.78.197
1
http://79.124.78.197/index.php
4.4
M
ZeroCERT
354
2024-09-05 11:04
castoridaezv.ps1
10b8b561e8cbd458966af621f7f8df7c
Generic Malware
Antivirus
Check memory
Checks debugger
unpack itself
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
2.2
M
ZeroCERT
355
2024-09-05 11:01
ywp.exe
6a9213568bc6a19895240ff14fd57329
UPX
PE File
PE32
VirusTotal
Malware
1.2
M
57
ZeroCERT
356
2024-09-05 10:59
gutweedtE.exe
c194c15101c7b0b66550938d65b403db
Generic Malware
Malicious Library
ASPack
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
Check memory
unpack itself
ComputerName
3.2
M
59
ZeroCERT
357
2024-09-05 10:57
66d60cd3ce002_SeparatelyDied.e...
1959ce1e98b798963f8b7d04bfb71e69
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
Windows utilities
suspicious process
AppData folder
sandbox evasion
WriteConsoleW
Windows
ComputerName
6.6
M
31
ZeroCERT
358
2024-09-05 10:57
66d59ef9d4404_premium.exe#upus
68ebcc4ad727c077aeb5cc60b868e304
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
ComputerName
Remote Code Execution
3.2
M
46
ZeroCERT
359
2024-09-05 08:51
66d8985a256af_installer.exe
4b0348bf0a8544b5c6b90c79bbeca054
Malicious Library
UPX
PE File
PE64
Checks debugger
Creates executable files
unpack itself
crashed
1.2
ZeroCERT
360
2024-09-05 08:51
66d89809e92e0_favorite.exe#rea...
cba5724bc1281aa004c0d66fd8045d7b
Malicious Library
UPX
PE File
.NET EXE
PE32
OS Processor Check
PDB
Check memory
Checks debugger
unpack itself
ComputerName
1.8
M
ZeroCERT
Total : 48,197cnts