Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
3961
2020-12-25 10:13
dsyyLswkDAIIRcg.dll
d881de90914041df469bf0576734130b
VirusTotal
Malware
Malicious Traffic
Checks debugger
buffers extracted
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
DNS
Cryptographic key
1
173.70.61.180 - malicious
6.6
M
11
ZeroCERT
3962
2020-12-25 10:13
3tNxsvFvQtwE2J7.exe
9b604a86245aa27e973de4b96cca01f3
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
malicious URLs
Ransomware
Windows
Tor
ComputerName
DNS
crashed
6.6
M
28
ZeroCERT
3963
2020-12-25 10:19
gfers.exe
a7e9e9cf220846cf4886665f5dca877d
VirusTotal
Malware
unpack itself
Remote Code Execution
2.6
M
25
ZeroCERT
3964
2020-12-25 10:22
eatt7jmel.pdf.exe
86cdc85c3d58de12bf6e8783d044a105
VirusTotal
Malware
unpack itself
Remote Code Execution
DNS
crashed
3.6
M
50
ZeroCERT
3965
2020-12-25 10:23
infostati.exe
96fd25d614d52e3d0750471f1ec23165
VirusTotal
Malware
unpack itself
malicious URLs
Remote Code Execution
3.0
M
21
ZeroCERT
3966
2020-12-25 10:35
QDP_03091.exe
303135f92b5f7c5db42510834c946d06
VirusTotal
Malware
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
DNS
Cryptographic key
5.4
M
14
ZeroCERT
3967
2020-12-25 10:37
QP-10533.exe
7b80992176d91fe6ccb5301fb16e3e40
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
Windows
DNS
Cryptographic key
DDNS
keylogger
2
whatgodcannotdodoestnotexist.duckdns.org(79.134.225.92)
79.134.225.92
1
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
14.8
M
15
ZeroCERT
3968
2020-12-25 10:38
QP-60379.exe
79f93748ffb37a31ac69f5d367dab997
VirusTotal
Malware
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
Cryptographic key
4.6
M
21
ZeroCERT
3969
2020-12-25 10:41
QRP_02277.exe
c78255e20bf9e51a9f928465114d6663
VirusTotal
Malware
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
Cryptographic key
5.4
M
44
ZeroCERT
3970
2020-12-25 10:42
QRP-0712.exe
afc52682bf18c1834426dee4eacc335f
VirusTotal
Malware
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
DNS
Cryptographic key
5.4
M
30
ZeroCERT
3971
2020-12-25 17:04
55555555555.jpg.exe
276be4a33f80a91c2010535ff65113cb
0.6
ZeroCERT
3972
2020-12-25 17:06
cred.dll
b34b687a3937cb052ac2c7644eb0f1bd
VirusTotal
Malware
Check memory
unpack itself
crashed
2.4
37
ZeroCERT
3973
2020-12-25 17:11
Ticket__9342.doc
c6e40d689ded34916df7ad8f5463c008
Vulnerability
VirusTotal
Malware
unpack itself
malicious URLs
Windows
1
http://sfp.ctrld.site/5uj1u1wtM.php
2
sfp.ctrld.site(107.180.27.213)
107.180.27.213 - malicious
1
ET POLICY PE EXE or DLL Windows file download HTTP
4.4
31
ZeroCERT
3974
2020-12-25 17:15
cf1f18b675120f83d0cd94574a6243...
92f013276bd184b61e9912df743051c5
VirusTotal
Malware
MachineGuid
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
malicious URLs
WriteConsoleW
Tofsee
ComputerName
DNS
crashed
2
http://172.105.126.54/campo/s/s
https://www.yahoo.com/
5
yahoo.com(98.137.11.163)
www.yahoo.com(202.165.107.50)
74.6.143.26
172.105.126.54
202.165.107.49
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.0
6
ZeroCERT
3975
2020-12-26 12:58
file.exe
71e9e13ca8e3a30fd03afa468373b73e
VirusTotal
Malware
unpack itself
Remote Code Execution
2.8
M
30
ZeroCERT
Total : 48,352cnts