Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
44911
2024-06-07 17:50
packet.dll
2ce150705bbeb30e6c8059cc530043aa
Generic Malware
Malicious Library
PE File
DLL
PE32
PDB
0.2
guest
44912
2024-06-07 17:50
64npf.sys
de7fcc77f4a503af4ca6a47d49b3713d
Generic Malware
UPX
PE64
PE File
OS Processor Check
PDB
0.4
guest
44913
2024-06-07 17:50
wpcap.dll
4633b298d57014627831ccac89a2c50b
Generic Malware
Malicious Library
PE File
DLL
PE32
PDB
0.2
guest
44914
2024-06-07 17:50
packet.dll
2ce150705bbeb30e6c8059cc530043aa
Generic Malware
Malicious Library
PE File
DLL
PE32
PDB
1.2
guest
44915
2024-06-07 17:51
wpcap.dll
4633b298d57014627831ccac89a2c50b
Generic Malware
Malicious Library
PE File
DLL
PE32
PDB
1.6
guest
44916
2024-06-07 17:52
csrs.exe
ed43f6043f51fba6b2a8a4062256154d
Gen1
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
PE File
PE32
OS P
Creates executable files
unpack itself
AppData folder
malicious URLs
WriteConsoleW
3.4
guest
44917
2024-06-07 17:52
csrs.exe
ed43f6043f51fba6b2a8a4062256154d
Gen1
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
PE File
PE32
OS P
Creates executable files
unpack itself
AppData folder
malicious URLs
WriteConsoleW
3.4
51
guest
44918
2024-06-07 17:53
csrs.exe
ed43f6043f51fba6b2a8a4062256154d
Gen1
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
PE32
OS P
Creates executable files
unpack itself
AppData folder
malicious URLs
WriteConsoleW
3.4
guest
44919
2024-06-07 17:58
wpd.jpg.exe
1bfe19a314dd31d6adda302f177c3b7c
Gen1
Generic Malware
Downloader
task schedule
UPX
Malicious Library
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Hijack Network
persistence
AntiD
Malware
SMB
Traffic Potential Scan
suspicious privilege
Malicious Traffic
Check memory
buffers extracted
WMI
Creates executable files
RWX flags setting
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
Remote Code Execution
DNS
crashed
6
http://104.37.187.182/xpxmr.txt
http://104.37.187.182/wpdmd5.txt
http://104.37.187.182/ok/wpd.html
http://104.37.187.182/wpdtest.txt
http://104.37.187.182/shellver.txt
http://104.37.187.182/ver.txt
2
139.5.177.32
104.37.187.182
2
ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection
ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection
11.0
46
guest
44920
2024-06-07 17:58
wpd.jpg.exe
1bfe19a314dd31d6adda302f177c3b7c
Gen1
Generic Malware
Downloader
task schedule
UPX
Malicious Library
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Hijack Network
persistence
AntiD
Malware
SMB
Traffic Potential Scan
suspicious privilege
Malicious Traffic
Check memory
buffers extracted
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
Remote Code Execution
DNS
crashed
6
http://104.37.187.182/xpxmr.txt
http://104.37.187.182/wpdmd5.txt
http://104.37.187.182/ok/wpd.html
http://104.37.187.182/wpdtest.txt
http://104.37.187.182/shellver.txt
http://104.37.187.182/ver.txt
2
139.5.177.32
104.37.187.182
2
ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection
ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection
10.6
guest
44921
2024-06-07 17:59
wpd.jpg.exe
1bfe19a314dd31d6adda302f177c3b7c
Gen1
Generic Malware
task schedule
Downloader
UPX
Malicious Library
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiD
Malware
SMB
Traffic Potential Scan
suspicious privilege
Malicious Traffic
Check memory
buffers extracted
WMI
Creates executable files
RWX flags setting
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Ransomware
Windows
ComputerName
Remote Code Execution
DNS
crashed
6
http://104.37.187.182/xpxmr.txt
http://104.37.187.182/wpdmd5.txt
http://104.37.187.182/ok/wpd.html
http://104.37.187.182/wpdtest.txt
http://104.37.187.182/shellver.txt
http://104.37.187.182/ver.txt
2
139.5.177.32
104.37.187.182
2
ET SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection
ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection
11.6
guest
44922
2024-06-07 23:22
apache_installservice-win10.cm...
5c308e4bc6c970a6b3fa3db951b6ac1e
Downloader
task schedule
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Hijack Network
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
44923
2024-06-07 23:22
apache_installservice-win10.cm...
5c308e4bc6c970a6b3fa3db951b6ac1e
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Hijack Network
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
44924
2024-06-07 23:22
apache_uninstallservice-win10....
9c1c5aa0b87f0183713f5904656a1ef8
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
44925
2024-06-07 23:29
makecert2.cmd
dc399dc9986b37e8e48fc2a61f9cfcac
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Hijack Network
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
Total : 48,302cnts