Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
45286
2020-11-14 11:14
document.doc
4f56d3858a54bf7bb94e1c7ddc741a42
VirusTotal
Malware
exploit crash
unpack itself
malicious URLs
Windows
Exploit
crashed
Downloader
1
Keyword trend analysis
×
Info
×
http://vegaconferencegloballywihtinternatioanlwellwareteamwordglobalin.ydns.eu/bbc/vbc.exe
2
Info
×
vegaconferencegloballywihtinternatioanlwellwareteamwordglobalin.ydns.eu(198.12.84.47) - mailcious
198.12.84.47 - suspicious
2
Info
×
ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
ET POLICY PE EXE or DLL Windows file download HTTP
4.2
M
24
guest
45287
2020-11-14 11:10
crss.exe
c686f0172cdc0e9e4a5f8ef3eae39f08
VirusTotal
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://www.duchik13.site/tlu/?CR=N8HbuRKdjzboxaW7pg+yNcAxfcpUMUeUX1zLAPR3fGLhR/+AU55vAauSCzlifQvXTaN6oPkv&RZ=dhrxVlrpGHtXftx
3
Info
×
www.duchik13.site(185.68.16.184)
185.68.16.184
172.217.25.14 - suspicious
12.2
M
24
guest
45288
2020-11-14 11:09
1NN.exe
04965d71773df3b1283ddd3f5489774a
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
WMI
RWX flags setting
unpack itself
Check virtual network interfaces
IP Check
Tofsee
Windows
Browser
Email
ComputerName
Software
crashed
keylogger
1
Keyword trend analysis
×
Info
×
http://checkip.amazonaws.com/
4
Info
×
mail.lootahperfumes.com(35.208.150.174)
checkip.amazonaws.com(34.193.115.2)
35.208.150.174
3.211.138.232
2
Info
×
SURICATA Applayer Detect protocol only one direction
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.0
M
55
guest
45289
2020-11-14 09:52
http://45.138.72.84/10.11nov32...
VirusTotal
Malware
0.6
guest
45290
2020-11-13 18:30
ABW.exe
40a49fab093a5bb338f33fa9813dcfb3
Malware download
Nanocore
VirusTotal
Malware
c&c
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
human activity check
Windows
ComputerName
DNS
crashed
3
Info
×
swryijgrvcsgkopnmcdertvgdswbvmophtfdczxs.ydns.eu(192.253.246.138)
172.217.25.14 - suspicious
192.253.246.138
1
Info
×
ET MALWARE Possible NanoCore C2 60B
13.2
21
guest
45291
2020-11-13 18:30
document.doc
55e5539473b761d067a4e3a1baa1433f
VirusTotal
Malware
exploit crash
unpack itself
malicious URLs
IP Check
Tofsee
Windows
Exploit
crashed
Downloader
3
Keyword trend analysis
×
Info
×
http://crt.comodoca.com/COMODORSAAddTrustCA.crt
http://ghsinternationalconferencewithinternationalfilesecureserviceglo.ydns.eu/wind/vbc.exe
https://api.ipify.org/
6
Info
×
ghsinternationalconferencewithinternationalfilesecureserviceglo.ydns.eu(151.80.14.235)
api.ipify.org(23.21.126.66)
crt.comodoca.com(91.199.212.52)
91.199.212.52
151.80.14.235 - suspicious
174.129.214.20
3
Info
×
ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
ET POLICY PE EXE or DLL Windows file download HTTP
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
25
guest
45292
2020-11-13 18:27
zz1ecco.jpg.exe
eb63431f06ac3ef3eeb7f50f35889a57
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
Ransomware
Windows
Tor
ComputerName
DNS
Cryptographic key
crashed
1
Info
×
172.217.25.14 - suspicious
13.8
M
36
guest
45293
2020-11-13 18:26
axcypr.exe
944d8991324c722fc1495d8f3dda1313
VirusTotal
Malware
PDB
unpack itself
malicious URLs
ComputerName
3.0
M
39
guest
45294
2020-11-13 18:06
vbchost.exe
61734203be58b15addcb1a03bd70ce3e
VirusTotal
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://www.apartmenttx.com/mlr/?tXxh=C6J/YToe4ugSJI1FoBJzqCnyG8PyX91A5V/tJrmCSF1op2Abz7jZY+XFrBgT+T74nOYNlvft&U48pk=Ntx0ULS8kBu8CrO
3
Info
×
www.apartmenttx.com(23.230.59.187)
23.230.59.187
172.217.25.14 - suspicious
12.0
M
17
guest
45295
2020-11-13 18:04
top.exe
c529850a974f9d96565c23ba21fb4d38
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Check memory
Checks debugger
unpack itself
malicious URLs
Ransomware
Windows
Browser
Tor
Email
ComputerName
Cryptographic key
Software
crashed
10.4
M
26
guest
45296
2020-11-13 18:01
schhost.exe
da9a36b6309b598ebccf383b6263bb65
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
10.0
M
21
guest
45297
2020-11-13 17:09
5.exe
f139bcd08ad8da406f7dd25411d1c9b3
VirusTotal
Malware
unpack itself
malicious URLs
2.8
M
60
admin
45298
2020-11-13 17:06
5.exe
f139bcd08ad8da406f7dd25411d1c9b3
VirusTotal
Malware
unpack itself
malicious URLs
2.8
M
60
admin
45299
2020-11-13 17:05
5.exe
f139bcd08ad8da406f7dd25411d1c9b3
VirusTotal
Malware
unpack itself
malicious URLs
2.8
M
60
admin
45300
2020-11-13 17:02
5.exe
f139bcd08ad8da406f7dd25411d1c9b3
VirusTotal
Malware
unpack itself
malicious URLs
2.8
M
60
admin
First
Previous
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
Next
Last
Total : 48,289cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword