No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
44206
2021-02-17 15:26
work.exe
b896f63a3a842e2ca679f8f85c182a56
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
Check virtual network interfaces
malicious URLs
WriteConsoleW
Tofsee
Windows
DNS
Cryptographic key
1
https://www.google.com/
4
www.google.com(172.217.25.100)
211.216.46.24
216.58.220.196
172.217.24.68
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
11.2
M
ZeroCERT
44207
2021-02-17 15:25
xmr32.exe
97d89d25e9589f995d374cb7d89b4433
VirusTotal
Malware
malicious URLs
WriteConsoleW
3.0
M
59
ZeroCERT
44208
2021-02-17 15:05
https://www.minpic.de/k/big0/1...
b02a2796a8a518cb042081c31f4da3f5
VirusTotal
Malware
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Windows
1
www.minpic.de(172.67.132.56) - mailcious
3.0
r0d
44209
2021-02-17 14:01
Invoke.lnk
a94b65e89b5f35ff434fc2d34c919f7c
VirusTotal
Malware
Code Injection
Check memory
Creates shortcut
RWX flags setting
unpack itself
suspicious process
Interception
1
www.minpic.de(172.67.132.56) - mailcious
4.0
16
ZeroCERT
44210
2021-02-17 13:55
8.oprt.exe
8fe3bd4d5898f1fd59347f9db14373f8
VirusTotal
Malware
Report
PDB
suspicious privilege
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
ComputerName
DNS
5
142.202.191.164 - mailcious
194.5.249.156 - phishing
45.155.173.242
108.170.20.75
185.163.45.138
4
ET CNC Feodo Tracker Reported CnC Server group 16
ET CNC Feodo Tracker Reported CnC Server group 4
ET CNC Feodo Tracker Reported CnC Server group 2
ET CNC Feodo Tracker Reported CnC Server group 8
6.4
9
ZeroCERT
44211
2021-02-17 13:51
attach_421987_2011782973.xls
3cba8951a4f7d01b0a4c36a05dd5bd54
VirusTotal
Malware
unpack itself
malicious URLs
DNS
2
detectportal.firefox.com(34.107.221.82)
mozilla.org(44.236.48.31)
2.6
2
ZeroCERT
44212
2021-02-17 13:49
6hyuyj.exe
77be0dd6570301acac3634801676b5d7
VirusTotal
Malware
malicious URLs
IP Check
crashed
1
api.ipify.org(54.243.164.148)
3.0
M
61
ZeroCERT
44213
2021-02-17 13:45
http://hilltopmagic.xyz/dVhFtc...
d41d8cd98f00b204e9800998ecf8427e
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Windows
1
hilltopmagic.xyz(188.225.75.54)
2.6
ZeroCERT
44214
2021-02-17 13:39
work.exe
b896f63a3a842e2ca679f8f85c182a56
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Windows
Cryptographic key
1
www.google.com(216.58.197.228)
2.2
ZeroCERT
44215
2021-02-17 13:37
xmr32.exe
97d89d25e9589f995d374cb7d89b4433
VirusTotal
Malware
malicious URLs
WriteConsoleW
2
mozilla.org(44.235.246.155)
detectportal.firefox.com(34.107.221.82)
3.0
M
59
ZeroCERT
44216
2021-02-17 13:23
work.exe
017521d0bb61bc2f48fd865b5a29a069
VirusTotal
Malware
suspicious privilege
Checks debugger
RWX flags setting
unpack itself
malicious URLs
WriteConsoleW
Windows
DNS
Cryptographic key
DDNS
crashed
1
binancino.hopto.org(136.244.100.20)
1
ET POLICY DNS Query to DynDNS Domain *.hopto .org
5.4
M
50
ZeroCERT
44217
2021-02-17 13:23
vbc.exe
b9609685b1685626956a7d93edca6c49
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
malicious URLs
3.4
M
57
ZeroCERT
44218
2021-02-17 11:43
v.exe
e23246d5a16fd344dfd2fc7177d43890
VirusTotal
Malware
Checks debugger
unpack itself
DNS
crashed
3.4
M
15
ZeroCERT
44219
2021-02-17 11:43
rv.exe
6a9ff2133c36e8ccda6a61a13460f938
VirusTotal
Malware
suspicious process
malicious URLs
crashed
2.6
M
13
ZeroCERT
44220
2021-02-17 11:39
oxchjdfgbnv.exe
753f316cffd68bd3c5161c8387a770b4
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
1
hanxlas.ac.ug(185.215.113.77) - mailcious
7.2
M
20
ZeroCERT
Total : 49,394cnts