Submissions
Columns: No, Date, Request, Urls, Hosts, IDS, Rule, Score, Zero, VT, Player, Etc
44386
2024-05-17 10:13
NZZ_Interview_Kohei Yamamoto.m...
e86a24d9f3a42bbb8edc0ca1f8b3715c
VirusTotal
Malware
0.6
11
ZeroCERT
44387
2024-05-17 10:16
warm.vbs
75ec9f68a5b62705c115db5119a78134
Antivirus
VirusTotal
Malware
VBScript
Checks debugger
wscript.exe payload download
suspicious process
Tofsee
ComputerName
DNS
Dropper
Urls: 1
https://makeoversalon.net.in/wp-content/plugins/wp-custom-taxonomy-image/iiri/r.php
Hosts: 2
makeoversalon.net.in(5.9.123.217)
5.9.123.217 - malicious
IDS: 2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
10.0
30
ZeroCERT
44388
2024-05-17 10:21
소명자료 목록(국세징수법 시행규칙).hwp.lnk...
ba2c9f1ab261a04280ea25becd50fd7e
Generic Malware
Antivirus
AntiDebug
AntiVM
MSOffice File
Lnk Format
HWP
GIF Format
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
Urls: 1
https://makeoversalon.net.in/wp-content/plugins/wp-custom-taxonomy-image/iiri/re.php
6.6
20
ZeroCERT
44389
2024-05-17 10:46
%E4%BA%BA%E6%B0%91%E5%BA%86%E7...
d60e2ed8f4d8add3b76df293875e34f9
Malicious Library
UPX
PE File
PE32
ZIP Format
Word 2007 file format(docx)
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
MachineGuid
Check memory
Checks debugger
RWX flags setting
exploit crash
unpack itself
installed browsers check
Windows
Exploit
Browser
Email
Cryptographic key
crashed
6.4
M
48
ZeroCERT
44390
2024-05-17 10:47
artifact.exe
242ffae14d520fa9b735110f360555fe
Malicious Library
PE File
PE32
VirusTotal
Malware
Malicious Traffic
RWX flags setting
unpack itself
ComputerName
DNS
Urls: 2
http://3.208.96.244/Meeting/32251817/
http://3.208.96.244/functionalStatus?_=akHJt5kS0V1vD1MLEl37ga-62Onbn5iab85VnN79WGQdX1okABKjVc-2arUDYJU2m2hYIMBWlkFdp3nFm87GgyDD2HnGoXHOC4KG2FE-ZQv2sB23pRr3VmS-SFmS75oLazFuDGyXNR2PjZmU9f3JKlWVrezmIhrFxXtTNOUZtzU
Hosts: 1
3.208.96.244
4.6
M
58
ZeroCERT
44391
2024-05-17 10:49
artifact-64.exe
92b5de72dcf5bf5202020e7d8d108176
Malicious Library
PE64
PE File
Malware download
Cobalt Strike
Cobalt
VirusTotal
Malware
Malicious Traffic
RWX flags setting
unpack itself
DNS
crashed
Urls: 1
http://3.208.96.244/Meeting/32251816/
Hosts: 1
3.208.96.244
IDS: 1
ET MALWARE Successful Cobalt Strike Shellcode Download (x64) M1
3.6
M
61
ZeroCERT
44392
2024-05-17 15:34
vnc.exe
a8e4c5bfdec6d09b86b1a522c2348367
Generic Malware
Malicious Library
UPX
Antivirus
PE64
PE File
OS Processor Check
PowerShell
VirusTotal
Malware
powershell
Buffer PE
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
5.6
M
45
ZeroCERT
44393
2024-05-17 15:34
findlawthose.exe
0340a002bf0a8c4a243f4bbef0834236
NSIS
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
Windows utilities
suspicious process
AppData folder
sandbox evasion
WriteConsoleW
Windows
ComputerName
6.2
M
39
ZeroCERT
44394
2024-05-17 15:36
crypted333.exe
e967f019b01357086d92181e6ee28e0b
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
2.2
M
54
ZeroCERT
44395
2024-05-17 15:36
smss.exe
8a9978dfed7583d2e18a8fdcd39a2191
AgentTesla
Malicious Library
.NET framework(MSIL)
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
7.6
M
45
ZeroCERT
44396
2024-05-18 11:01
eyelidsfix.exe
153f6ec6324b9c4bfc1843e437618953
Malicious Library
Malicious Packer
UPX
PE64
PE File
OS Processor Check
PDB
Check memory
ComputerName
0.8
guest
44397
2024-05-18 20:06
49j8t349t83495vj945jfd.exe
3aac4627c0904126c45ed250a7dee34e
Malicious Library
Malicious Packer
UPX
PE File
PE32
MZP Format
VirusTotal
Malware
Check memory
unpack itself
crashed
2.2
36
ZeroCERT
44398
2024-05-18 20:06
getfile.php
28c1720427cbbd5358a817b609301c7b
ZIP Format
VirusTotal
Malware
0.6
19
ZeroCERT
44399
2024-05-18 20:08
swizzzz.exe
05b11e7b711b4aaa512029ffcb529b5a
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
PDB
unpack itself
crashed
1.2
ZeroCERT
44400
2024-05-18 20:10
swizzzz.exe
05b11e7b711b4aaa512029ffcb529b5a
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
unpack itself
DNS
crashed
Hosts: 1
185.215.113.66 - malware
IDS: 1
ET DROP Spamhaus DROP Listed Traffic Inbound group 32
2.8
M
35
ZeroCERT
Total : 48,320cnts