Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
44731
2024-05-30 09:55
payload.exe
66ada4e5abd79c602f951401c96d42d9
ScreenShot
AntiDebug
AntiVM
PE File
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
Windows utilities
AppData folder
sandbox evasion
Firewall state off
Windows
Browser
ComputerName
DNS
1
http://209.145.51.44/tef/tasks.php - rule_id: 35377
6
alors.deepdns.cryptostorm.net()
onyx.deepdns.cryptostorm.net()
ns1.any.dns.d0wn.biz()
ns.dotbit.me() - malicious
ns1.random.dns.d0wn.biz(178.17.170.133) - malicious
209.145.51.44 - malware
2
ET INFO Observed DNS Query to .biz TLD
ET HUNTING GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 2
1
http://209.145.51.44/tef/tasks.php
15.4
M
69
ZeroCERT
44732
2024-05-30 09:56
c2exe.msi
d457ede045732a5c1e1895304d1dc560
Generic Malware
Malicious Library
MSOffice File
CAB
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
DNS
1
3.141.55.131 - malicious
3.4
M
35
ZeroCERT
44733
2024-05-30 09:56
TESTAJA.exe
0777a8425eb53fb53a9c9aae696ec559
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
2.2
M
47
ZeroCERT
44734
2024-05-30 09:58
MathGames.exe
936a900b5b8b6ee08a9e71dca253c336
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
43
ZeroCERT
44735
2024-05-30 09:58
rev5757.exe
da7b09c790012d9eb2bcddf7ea88a2cd
Metasploit
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
94.139.242.7 - malware
3.6
M
63
ZeroCERT
44736
2024-05-30 10:02
test12.exe
7075f530fba88e477acb8c46ed477f47
Gen1
Generic Malware
Malicious Library
ASPack
UPX
Anti_VM
PE64
PE File
OS Processor Check
DLL
ZIP Format
VirusTotal
Malware
Check memory
Creates executable files
crashed
2.2
M
27
ZeroCERT
44737
2024-05-30 10:02
new.exe
e9782397f502e79774625b3586163e42
Gen1
Generic Malware
Malicious Library
ASPack
UPX
Anti_VM
PE64
PE File
OS Processor Check
DLL
ZIP Format
VirusTotal
Malware
Check memory
Creates executable files
Ransomware
3.6
M
45
ZeroCERT
44738
2024-05-30 10:03
LegoMindStormLauncher.exe
314bbaca914a1b467b0eda456393ba3e
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
DNS
1
3.141.55.131 - malicious
2.6
M
48
ZeroCERT
44739
2024-05-30 10:03
4441.exe
50a2e65a4d576d9aeb3b0b396ae3e898
Metasploit
Meterpreter
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
212.116.121.19
3.6
M
40
ZeroCERT
44740
2024-05-30 10:05
inj2.exe
df3d30ca2e5a619954e0996f40bf8d2d
Malicious Library
Antivirus
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.6
M
29
ZeroCERT
44741
2024-05-30 10:05
LegoMindstorm.exe
9b7103663a9c585dd5069cf68e5dc94f
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
unpack itself
suspicious process
DNS
1
http://3.141.55.131:8000/csc2exe.msi
1
3.141.55.131 - malicious
1
ET POLICY Observed MSI Download
4.6
M
41
ZeroCERT
44742
2024-05-30 10:07
rev1.exe
286a3f0b531a16a03b70c53a85df0e2a
Metasploit
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
1
134.17.14.67
3.0
M
60
ZeroCERT
44743
2024-05-30 10:09
abc12321.exe
fccba4cf2adfccdffaf7b4816f12db9d
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.6
M
28
ZeroCERT
44744
2024-05-30 10:11
rev5555.exe
f75045a4f4bcd1bc4bb24e2e284e9c68
Metasploit
Generic Malware
PE64
PE File
VirusTotal
Malware
DNS
crashed
1
94.139.242.7 - malware
3.6
M
62
ZeroCERT
44745
2024-05-30 10:14
goop.exe
c731fe3c96d4c99b5e0bbfbf0beddcbd
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
48
ZeroCERT
Total : 48,318cnts