Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
4111
2020-12-31 09:25
ntB.dll
4da066bbfe178014ed1042ce90b87ab0
VirusTotal
Malware
Malicious Traffic
Checks debugger
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://97.120.3.198/ddtqmp8d/ - rule_id: 196
1
Info
×
97.120.3.198 - mailcious
1
Info
×
http://97.120.3.198/
6.8
M
52
guest
4112
2020-12-31 09:25
PTVqbey4bnBm.dll
db3572cb1e8682908b363983da4c9fb7
VirusTotal
Malware
unpack itself
1.8
M
18
guest
4113
2020-12-31 09:26
PTVqbey4bnBm.dll
db3572cb1e8682908b363983da4c9fb7
VirusTotal
Malware
Check memory
unpack itself
crashed
2.2
M
18
guest
4114
2020-12-31 09:30
PTVqbey4bnBm.dll
db3572cb1e8682908b363983da4c9fb7
VirusTotal
Malware
unpack itself
1.8
M
18
guest
4115
2020-12-31 09:35
PTVqbey4bnBm.dll
db3572cb1e8682908b363983da4c9fb7
VirusTotal
Malware
Check memory
unpack itself
crashed
2.2
M
18
조광섭
4116
2020-12-31 09:39
1U1F9BOcwVrRM0J.dll
b7326f6246a4c5e08d90897900660900
VirusTotal
Malware
PDB
Check memory
unpack itself
crashed
2.2
M
5
ZeroCERT
4117
2020-12-31 09:41
add.exe
e6731de795cc99d6186f1d94ff5a03e6
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
Software
crashed
keylogger
12.2
M
31
ZeroCERT
4118
2020-12-31 10:40
202012304100001693127591.xml
913198164fca03015ea8b0d386ab9dc9
Code Injection
buffers extracted
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
AntiVM_Disk
VM Disk Size Check
Windows
Exploit
DNS
crashed
5.0
guest
4119
2020-12-31 10:46
backupss.exe
5ae7dbe456a39f6c8df247de9c78203d
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Ransomware
Windows
Tor
ComputerName
Cryptographic key
crashed
13.4
20
guest
4120
2020-12-31 10:46
apdf.exe
4091edb6fc4ddec9dc69a3a6dd60d929
Browser Info Stealer
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
malicious URLs
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
Browser
ComputerName
DNS
Cryptographic key
1
Info
×
191.96.184.151
15.0
M
34
guest
4121
2020-12-31 10:53
apdf.exe
4091edb6fc4ddec9dc69a3a6dd60d929
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
malicious URLs
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
ComputerName
Cryptographic key
12.4
M
34
guest
4122
2020-12-31 10:53
backupss.exe
5ae7dbe456a39f6c8df247de9c78203d
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
ComputerName
DNS
Cryptographic key
crashed
12.8
20
guest
4123
2020-12-31 11:09
DD43U3WXxrMTbA22Ju3if.dll
afb425fd0e3179ac845460ad64dfc5af
VirusTotal
Malware
PDB
Malicious Traffic
Checks debugger
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://152.170.79.100/qmi8q/2o9jenuqg6cer7s5k1u/
1
Info
×
152.170.79.100
6.2
M
6
guest
4124
2020-12-31 11:10
BQ6MVTJ11SGRVO.doc
e9b04eb44ff9cfcf6ca5777220d0a2ce
Vulnerability
VirusTotal
Malware
Malicious Traffic
unpack itself
malicious URLs
Windows
DNS
1
Keyword trend analysis
×
Info
×
http://75.188.107.174/3pe1sf1aq/gjy41l4bvk1k02u04g/7ubkzunm4sefjgpe/5zip2hvnd/ - rule_id: 205
3
Info
×
mediatorstewart.com(192.169.217.36) - malware
75.188.107.174 - mailcious
192.169.217.36 - malware
3
Info
×
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET INFO EXE - Served Attached HTTP
1
Info
×
http://75.188.107.174/
5.2
M
22
guest
4125
2020-12-31 11:31
food.exe
28f2575135c0f9ecbda362500afd6336
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Ransomware
Windows
Browser
Tor
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
12.8
M
21
ZeroCERT
First
Previous
271
272
273
274
275
276
277
278
279
280
Next
Last
Total : 48,355cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword