Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
3961
2024-05-17 15:34
vnc.exe
a8e4c5bfdec6d09b86b1a522c2348367
Generic Malware
Malicious Library
UPX
Antivirus
PE64
PE File
OS Processor Check
PowerShell
VirusTotal
Malware
powershell
Buffer PE
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
5.6
M
45
ZeroCERT
3962
2024-05-17 10:49
artifact-64.exe
92b5de72dcf5bf5202020e7d8d108176
Malicious Library
PE64
PE File
Malware download
Cobalt Strike
Cobalt
VirusTotal
Malware
Malicious Traffic
RWX flags setting
unpack itself
DNS
crashed
1
http://3.208.96.244/Meeting/32251816/
1
3.208.96.244
1
ET MALWARE Successful Cobalt Strike Shellcode Download (x64) M1
3.6
M
61
ZeroCERT
3963
2024-05-17 10:47
artifact.exe
242ffae14d520fa9b735110f360555fe
Malicious Library
PE File
PE32
VirusTotal
Malware
Malicious Traffic
RWX flags setting
unpack itself
ComputerName
DNS
2
http://3.208.96.244/Meeting/32251817/
http://3.208.96.244/functionalStatus?_=akHJt5kS0V1vD1MLEl37ga-62Onbn5iab85VnN79WGQdX1okABKjVc-2arUDYJU2m2hYIMBWlkFdp3nFm87GgyDD2HnGoXHOC4KG2FE-ZQv2sB23pRr3VmS-SFmS75oLazFuDGyXNR2PjZmU9f3JKlWVrezmIhrFxXtTNOUZtzU
1
3.208.96.244
4.6
M
58
ZeroCERT
3964
2024-05-17 10:46
%E4%BA%BA%E6%B0%91%E5%BA%86%E7...
d60e2ed8f4d8add3b76df293875e34f9
Malicious Library
UPX
PE File
PE32
ZIP Format
Word 2007 file format(docx)
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
MachineGuid
Check memory
Checks debugger
RWX flags setting
exploit crash
unpack itself
installed browsers check
Windows
Exploit
Browser
Email
Cryptographic key
crashed
6.4
M
48
ZeroCERT
3965
2024-05-17 10:21
소명자료 목록(국세징수법 시행규칙).hwp.lnk...
ba2c9f1ab261a04280ea25becd50fd7e
Generic Malware
Antivirus
AntiDebug
AntiVM
MSOffice File
Lnk Format
HWP
GIF Format
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
https://makeoversalon.net.in/wp-content/plugins/wp-custom-taxonomy-image/iiri/re.php
6.6
20
ZeroCERT
3966
2024-05-17 10:16
warm.vbs
75ec9f68a5b62705c115db5119a78134
Antivirus
VirusTotal
Malware
VBScript
Checks debugger
wscript.exe payload download
suspicious process
Tofsee
ComputerName
DNS
Dropper
1
https://makeoversalon.net.in/wp-content/plugins/wp-custom-taxonomy-image/iiri/r.php
2
makeoversalon.net.in(5.9.123.217)
5.9.123.217 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
10.0
30
ZeroCERT
3967
2024-05-17 10:13
NZZ_Interview_Kohei Yamamoto.m...
e86a24d9f3a42bbb8edc0ca1f8b3715c
VirusTotal
Malware
0.6
11
ZeroCERT
3968
2024-05-17 10:12
ttt.hta
b5080c0d123ce430f1e28c370a0fa18b
VirusTotal
Malware
Check memory
RWX flags setting
unpack itself
Tofsee
Interception
ComputerName
1
https://brandwizer.co.in/green_pad/wp-content/plugins/custom-post-type-maker/essay/r.php
2
brandwizer.co.in(5.9.123.217) - mailcious
5.9.123.217 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
2.6
23
ZeroCERT
3969
2024-05-17 10:04
ttt.hta
b5080c0d123ce430f1e28c370a0fa18b
VirusTotal
Malware
crashed
1.0
23
ZeroCERT
3970
2024-05-17 09:59
64.exe
e1517885f6c71f7b3dafa6d4610c4762
Metasploit
Meterpreter
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
79.132.193.215 - mailcious
3.2
M
60
ZeroCERT
3971
2024-05-17 09:57
adduser.exe
510f4e20d3a6e15ac818d7e667bbf300
PE64
PE File
VirusTotal
Malware
Check memory
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
3.2
M
43
ZeroCERT
3972
2024-05-17 09:55
payload.ps1
6e3e796a5c5aeaf86de6402cece4f536
Generic Malware
Antivirus
VirusTotal
Malware
unpack itself
1.4
M
36
ZeroCERT
3973
2024-05-17 09:53
VFTRACE.dll
4b04772148e2c03c0169a6c64e9f25b9
Gen1
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE32
OS Processor Check
VirusTotal
Malware
PDB
Checks debugger
unpack itself
2.0
M
45
ZeroCERT
3974
2024-05-17 09:51
reverse.exe
94604756b7991e2361c98c1ffd1a50ff
Malicious Packer
PE File
PE32
VirusTotal
Malware
unpack itself
DNS
1
79.132.193.215 - mailcious
3.6
M
57
ZeroCERT
3975
2024-05-17 09:50
2023%E5%8F%B0%E7%A9%8D%E9%9B%B...
dca15445c14d440ea25c0d7fb350c4a3
Client SW User Data Stealer
Gen1
browser
info stealer
Generic Malware
Google
Chrome
User Data
Downloader
Malicious Library
UPX
ASPack
Malicious Packer
Http API
PWS
Code injection
Create Service
Socket
DGA
ScreenShot
Escalate priviledges
Steal credential
S
Browser Info Stealer
VirusTotal
Malware
PDB
Code Injection
Checks debugger
Creates executable files
exploit crash
unpack itself
AppData folder
malicious URLs
installed browsers check
Exploit
Browser
ComputerName
Remote Code Execution
crashed
9.2
M
49
ZeroCERT
Total : 48,352cnts