Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
43696
2024-03-31 11:30
fuufdfs.exe
b05ef4b68b309f9aefa705d3c0ab50e1
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
56
ZeroCERT
43697
2024-03-31 11:31
createdloverstogetbackgreatthi...
cde3695e8c23e9e09db22243c899a215
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
buffers extracted
exploit crash
unpack itself
Exploit
DNS
crashed
1
154.38.188.98 - mailcious
5.2
M
35
ZeroCERT
43698
2024-03-31 11:32
http://www.example.com
5870ef4ab0d94609e0286055db3c7b1c
Craxs RAT
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
1
1
2
1
www.example.com
2.8
M
36
ZeroCERT
43699
2024-03-31 11:33
http://www.example.com
b5b2948d407676eab86b1152e7ce5ec4
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
unpack itself
Tofsee
Exploit
DNS
crashed
3
http://apps.identrust.com/roots/dstrootcax3.p7c
http://103.237.87.56/xampp/fgh/imagepixelloverslove.jpg
https://paste.ee/d/2pg02
6
paste.ee(172.67.187.200) - mailcious
uploaddeimagens.com.br(104.21.45.138) - malware
23.210.247.48
172.67.187.200 - mailcious
103.237.87.56 - malware
104.21.45.138 - malware
2
ET POLICY Pastebin-style Service (paste .ee) in TLS SNI
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
32
ZeroCERT
43700
2024-03-31 11:35
http://www.example.com
26aee3a7465466d22840f63b13eb1370
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
1
1
2
1
www.example.com
1.8
M
31
ZeroCERT
43701
2024-03-31 11:38
http://www.example.com
78ed7438d98fc5f292e03ee46d54a059
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1
1
2
1
www.example.com
2.0
M
58
ZeroCERT
43702
2024-03-31 11:39
DemagogicAlewife.exe
d6e04d811cf7ab3ae9d204a325000d2a
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.4
M
51
ZeroCERT
43703
2024-04-01 00:52
http://www.example.com
d6e04d811cf7ab3ae9d204a325000d2a
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Remote Code Execution
1
1
2
1
www.example.com
2.2
M
51
guest
43704
2024-04-01 01:00
http://www.example.com
d6e04d811cf7ab3ae9d204a325000d2a
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Remote Code Execution
1
1
2
1
www.example.com
2.2
M
51
guest
43705
2024-04-01 07:34
Titanium.exe
25a2cc92dba27d59febe862cff866746
RedLine Infostealer
UltraVNC
Malicious Library
UPX
PE File
PE32
OS Processor Check
PDB
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
crashed
3.2
M
ZeroCERT
43706
2024-04-01 07:34
koooooo.exe
90f41880d631e243cec086557cb74d63
Craxs RAT
PE File
.NET EXE
PE32
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
1.8
M
ZeroCERT
43707
2024-04-01 07:37
ISetup10.exe
eedbb21196d92b9ef5857d13ff848d6e
Malicious Library
UPX
PE File
PE32
OS Processor Check
PDB
unpack itself
Remote Code Execution
1.2
M
ZeroCERT
43708
2024-04-01 07:37
awpH6iP7gCYM.exe
91aaa299c33ba5714ae1d0fe91caad64
Generic Malware
Downloader
Malicious Library
Malicious Packer
UPX
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Anti_VM
AntiDebug
AntiVM
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
6.2
M
ZeroCERT
43709
2024-04-01 07:39
crypted.exe
c3455de1df35bc16973cccef3ca8fa0d
Craxs RAT
PE File
.NET EXE
PE32
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
1.8
M
ZeroCERT
43710
2024-04-01 07:41
swiiiii.exe
1c7d0f34bb1d85b5d2c01367cc8f62ef
Craxs RAT
PE File
.NET EXE
PE32
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
DNS
2
193.233.132.150
107.167.110.211
2.4
ZeroCERT
Total : 48,352cnts