No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
45181
2024-06-08 05:28
vbrunas.vbs
0c8b0a86c4471f075663aa5b6227d5bb
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
crashed
1.0
guest
45182
2024-06-08 05:29
mysql_installservice-win10.cmd
c3f725b9691259bd095bff47aa0ab077
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
45183
2024-06-08 05:29
firewall-win10-open-oa.cmd
c14d829053bc52e0df45f97cfa6913ac
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
malicious URLs
WriteConsoleW
Firewall state off
Windows
2.0
guest
45184
2024-06-08 05:29
oa-importcert.cmd
4d3f949bda6999f920d5338e785f75f2
Downloader
task schedule
Socket
PWS
SMTP
DNS
Create Service
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
Sniff Audio
HTTP
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.0
guest
45185
2024-06-08 05:30
stopservices.cmd
ca1880f2d6fb1b32595c049c9d7dc1db
Downloader
task schedule
Create Service
Socket
Http API
Steal credential
PWS
DNS
Internet API
DGA
ScreenShot
Escalate priviledges
Sniff Audio
HTTP
Code injection
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
45186
2024-06-08 05:30
mysql_uninstallservice-win10.c...
160aaa5a69bf0fd6fbf89a84b8fad035
Downloader
task schedule
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
45187
2024-06-08 05:30
startservices.cmd
cae3961f999cc4885834fd3a5dec3f09
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
WriteConsoleW
Windows
1.0
guest
45188
2024-06-08 17:04
sys.exe
99a282853f148177787dc58187f5cad0
Malicious Library
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
suspicious TLD
DNS
1
aaa.feeds.123456.v2ray1.mmsy.top()
1
ET DNS Query to a *.top domain - Likely Hostile
3.4
M
62
ZeroCERT
45189
2024-06-08 17:04
Client-built.exe
16f3ac9a4ca5183fec9a3a21fd3488e1
Malicious Library
Malicious Packer
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
Malware download
NetWireRC
VirusTotal
Malware
IP Check
RAT
DNS
1
http://ip-api.com/json/
3
ip-api.com(208.95.112.1)
39.105.31.193
208.95.112.1
2
ET MALWARE Common RAT Connectivity Check Observed
ET POLICY External IP Lookup ip-api.com
3.6
65
ZeroCERT
45190
2024-06-08 17:06
suduko.exe
eda1749ecd5d30aebc623e3ed3679e33
Malicious Library
Confuser .NET
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
55
ZeroCERT
45191
2024-06-08 17:07
igcc.exe
cd7b7957361fccb2ca14ca9f418d84dd
Generic Malware
Malicious Library
UPX
Antivirus
PE File
PE32
DLL
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
Cryptographic key
7.6
37
ZeroCERT
45192
2024-06-08 17:09
IGCC.exe
b715e50cd2a0ba26941fcf98d1ec2f36
Generic Malware
Malicious Library
UPX
Antivirus
PE File
PE32
DLL
powershell
suspicious privilege
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
Cryptographic key
6.6
M
ZeroCERT
45193
2024-06-08 17:11
kfiwarhg.exe
7d44a8a6757c2b7287c4a7b761f4e326
Generic Malware
Downloader
Malicious Library
UPX
VMProtect
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE64
PE File
VirusTotal
Malware
PDB
Code Injection
Creates executable files
unpack itself
AppData folder
Remote Code Execution
5.2
M
49
ZeroCERT
45194
2024-06-08 17:13
8fc809.exe
ca7ca149cea267a3d1f267c9fff30903
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
1.8
M
33
ZeroCERT
45195
2024-06-08 17:13
next.exe
801de46b2c66cd9de4e42994e453b705
Gen1
Generic Malware
Malicious Library
UPX
Antivirus
Malicious Packer
Anti_VM
PE File
.NET EXE
PE32
PE64
DLL
OS Processor Check
ZIP Format
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
ComputerName
DNS
1
185.91.127.220
7.0
M
54
ZeroCERT
Total : 48,289cnts