Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
3586
2024-05-30 09:58
rev5757.exe
da7b09c790012d9eb2bcddf7ea88a2cd
Metasploit
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
Info
×
94.139.242.7 - malware
3.6
M
63
ZeroCERT
3587
2024-05-30 09:58
MathGames.exe
936a900b5b8b6ee08a9e71dca253c336
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
43
ZeroCERT
3588
2024-05-30 09:56
TESTAJA.exe
0777a8425eb53fb53a9c9aae696ec559
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
2.2
M
47
ZeroCERT
3589
2024-05-30 09:56
c2exe.msi
d457ede045732a5c1e1895304d1dc560
Generic Malware
Malicious Library
MSOffice File
CAB
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
DNS
1
Info
×
3.141.55.131 - mailcious
3.4
M
35
ZeroCERT
3590
2024-05-30 09:55
payload.exe
66ada4e5abd79c602f951401c96d42d9
ScreenShot
AntiDebug
AntiVM
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
Windows utilities
AppData folder
sandbox evasion
Firewall state off
Windows
Browser
ComputerName
DNS
1
Keyword trend analysis
×
Info
×
http://209.145.51.44/tef/tasks.php - rule_id: 35377
6
Info
×
alors.deepdns.cryptostorm.net()
onyx.deepdns.cryptostorm.net()
ns1.any.dns.d0wn.biz()
ns.dotbit.me() - mailcious
ns1.random.dns.d0wn.biz(178.17.170.133) - mailcious
209.145.51.44 - malware
2
Info
×
ET INFO Observed DNS Query to .biz TLD
ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 2
1
Info
×
http://209.145.51.44/tef/tasks.php
15.4
M
69
ZeroCERT
3591
2024-05-30 09:54
cs2exe.msi
5b7f24d739a68d14b253c0c387e89052
Generic Malware
Malicious Library
MS_Excel_Hidden_Macro_Sheet
MSOffice File
CAB
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
DNS
1
Info
×
3.141.55.131 - mailcious
3.4
M
36
ZeroCERT
3592
2024-05-30 09:52
hoops.exe
0446fd1ab00e877ee83132179991399f
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
1.8
M
27
ZeroCERT
3593
2024-05-30 09:52
rev5656.exe
6a9cbc059911a2dc01fbdb901a0107e8
Metasploit
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
Info
×
94.139.242.7 - malware
3.6
M
61
ZeroCERT
3594
2024-05-30 09:50
reverse.exe
4d26ca2043c4603d6c5b6f235811b779
Metasploit
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
Info
×
46.243.186.75
3.6
M
61
ZeroCERT
3595
2024-05-30 09:50
applesandoranges.exe
f76f6ac322b276b7d3f3996606b60abf
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
DNS
1
Info
×
206.238.220.253
1.8
M
3
ZeroCERT
3596
2024-05-30 09:48
setup%E8%87%AA%E6%9F%A5%E5%85%...
068fb7605542cd8350ed34ec2d767856
Generic Malware
Downloader
Malicious Library
UPX
Malicious Packer
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P
VirusTotal
Malware
AutoRuns
Code Injection
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
AppData folder
malicious URLs
AntiVM_Disk
sandbox evasion
WriteConsoleW
VM Disk Size Check
human activity check
Windows
Browser
ComputerName
DNS
crashed
1
Keyword trend analysis
×
Info
×
http://154.220.255.213/7773/cdyxf.png
2
Info
×
154.220.255.213
206.238.220.253
10.6
28
ZeroCERT
3597
2024-05-30 09:48
itit.exe
a63b46b7836c6c260dc4b37d7c640d3f
Metasploit
Meterpreter
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
Info
×
94.139.242.7 - malware
3.6
M
62
ZeroCERT
3598
2024-05-30 09:48
cry.exe
7855306588f4a86b9a9c60a6f0bb086c
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
2.4
M
51
ZeroCERT
3599
2024-05-30 09:45
rev.exe
b3e1688a68a66cf3844242de091a1dde
Metasploit
Generic Malware
PE64
PE File
DNS
crashed
1
Info
×
94.139.242.7 - malware
2.4
M
ZeroCERT
3600
2024-05-30 09:44
inj.exe
0d7664e86105cc3d9bb033f98c6dcb7e
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.6
M
29
ZeroCERT
First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 48,320cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
