Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
43996
2024-04-23 07:44
CryptONrat.exe
6df70c68f4d3a7f201d0884aefa6d23d
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
.NET EXE
PE32
DLL
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
RWX flags setting
unpack itself
AppData folder
2.8
38
ZeroCERT
43997
2024-04-23 07:48
Sig.exe
b3b47f0db50303c0f3c6f48c55a1b94c
HermeticWiper
PhysicalDrive
Generic Malware
Malicious Library
Malicious Packer
Antivirus
UPX
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
Buffer PE
AutoRuns
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
Check virtual network interfaces
Ransomware
Windows
Browser
Email
ComputerName
Remote Code Execution
DNS
Cryptographic key
Software
crashed
1
87.120.84.140 - malware
1
ET DROP Spamhaus DROP Listed Traffic Inbound group 11
14.6
M
17
ZeroCERT
43998
2024-04-23 07:48
dirtquire.exe
e795115169cc800de0392d6a675d58fd
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
2.2
M
53
ZeroCERT
43999
2024-04-23 07:50
steamworks.exe
3291441f2a54881579b09e90f5c42270
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Admin Tool (Sysinternals etc ...)
Malicious Packer
Anti_VM
PE64
PE File
OS Processor Check
DLL
JPEG Format
ZIP Format
PNG Format
DllRegisterServer
dll
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.4
7
ZeroCERT
44000
2024-04-23 07:51
app.exe
12de70d06ed65680914d061347ac1f95
Generic Malware
Malicious Library
PE64
PE File
.NET EXE
VirusTotal
Malware
AutoRuns
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
Windows
ComputerName
5.0
M
24
ZeroCERT
44001
2024-04-23 07:54
steamworks.exe
3a769249441250af9ecf8d26cb5233f5
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Admin Tool (Sysinternals etc ...)
Malicious Packer
Anti_VM
PE64
PE File
OS Processor Check
DLL
JPEG Format
ZIP Format
PNG Format
DllRegisterServer
dll
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.4
M
6
ZeroCERT
44002
2024-04-23 11:08
loader.ps1
bc9216dd4399300c9b789251456df0ce
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
1.4
21
ZeroCERT
44003
2024-04-23 11:08
a.ps1
180834e934e06de27c57a76f2ca1be20
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
Windows
Cryptographic key
1.6
20
ZeroCERT
44004
2024-04-23 11:11
Accounts_Ledger.exe
ee6038d5c37842bc34a6e17fd8478339
LokiBot
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
Browser Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
PDB
Check memory
Checks debugger
unpack itself
Ransomware
Browser
ComputerName
4.0
M
44
ZeroCERT
44005
2024-04-23 11:11
WindowsGameBar.exe
421c40695b1537b040830d13b7b860d8
Generic Malware
Malicious Library
PE64
PE File
.NET EXE
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
RWX flags setting
unpack itself
Check virtual network interfaces
Windows
DNS
1
http://77.221.151.42/files/stealer.txt
1
77.221.151.42 - malware
4
ET INFO Dotted Quad Host DLL Request
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET HUNTING Suspicious Windows Executable WriteProcessMemory
4.6
M
20
ZeroCERT
44006
2024-04-23 11:12
xx-lavacrypt-dfgs.exe
0aee27ff78ad1b6de193fb9527f2bad1
PE64
PE File
VirusTotal
Malware
Buffer PE
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
3.0
M
16
ZeroCERT
44007
2024-04-23 11:13
hatthgola.vmp.dll
9b0f5f96662a11a1ff3f39a3272d70d1
Malicious Library
Malicious Packer
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
1.8
M
40
ZeroCERT
44008
2024-04-23 11:13
Test.exe
a93233b10537a2cc3d9d1fd07845a2fb
Malicious Library
Malicious Packer
Antivirus
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
53
ZeroCERT
44009
2024-04-23 11:15
iz.ps1
33f70912111412effa6b110349cad484
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.6
M
19
ZeroCERT
44010
2024-04-23 11:19
mmfd.exe
bbf48f853fcf1d291cfbc0dfd522e75e
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Antivirus
Anti_VM
PE64
PE File
DLL
OS Processor Check
ftp
wget
VirusTotal
Malware
Check memory
Creates executable files
unpack itself
3.2
M
45
ZeroCERT
Total : 48,322cnts