Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
4531
2024-12-18 18:27
NJRAT%20DANGEROUS.exe
401b1ea00d135d5060f237c2f5a8a6c4
Antivirus
UPX
PE File
.NET EXE
PE32
OS Processor Check
njRAT
NetWireRC
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
Cryptographic key
4.6
55
ZeroCERT
4532
2024-12-18 18:25
clip64.dll
2b252fcee2eec5371a13e6615abfcc22
Amadey
Generic Malware
Malicious Library
UPX
PE File
DLL
PE32
OS Processor Check
VirusTotal
Malware
Malicious Traffic
Checks debugger
unpack itself
DNS
1
http://62.60.226.15/8fj482jd9/index.php
1
62.60.226.15
3.6
51
ZeroCERT
4533
2024-12-18 18:23
goldlummaa.exe
876bf2dec67ea8626322d2c268219d76
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Code Injection
buffers extracted
unpack itself
7.0
55
ZeroCERT
4534
2024-12-18 18:21
cred64.dll
b05829869d6dc7c44d8dcdebef2ec2ce
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE64
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
PDB
suspicious privilege
MachineGuid
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
Software
1
http://62.60.226.15/8fj482jd9/index.php
1
62.60.226.15
9.8
48
ZeroCERT
4535
2024-12-18 18:20
cred.dll
c7d70b4e09e0968f5e139241d4051d3c
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE32
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
suspicious privilege
MachineGuid
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
Software
2
http://185.81.68.148/8Fvu5jh4DbS/index.php
http://185.81.68.147/7vhfjke3/index.php
2
185.81.68.147
185.81.68.148
1
ET DROP Spamhaus DROP Listed Traffic Inbound group 32
9.4
51
ZeroCERT
4536
2024-12-18 16:53
newwork.exe
50cfc65e59834f6adca04ad2566c435e
Emotet
Gen1
Generic Malware
Malicious Library
UPX
PE File
PE32
MZP Format
DLL
OS Processor Check
CHM Format
PE64
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
ComputerName
crashed
3.6
38
ZeroCERT
4537
2024-12-18 16:46
Amaterasu.exe
cefd2f7214a8dfaa0175f0cc28b9a484
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
1.2
47
ZeroCERT
4538
2024-12-18 16:31
BootstrapperV1.23_1.exe
02c70d9d6696950c198db93b7f6a835e
Malicious Library
.NET framework(MSIL)
UPX
PE File
PE64
.NET EXE
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
Tofsee
Windows
ComputerName
crashed
4
gitlab.com(172.65.251.78) - malware
getsolara.dev(104.21.93.27) - mailcious
104.21.93.27
172.65.251.78 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.4
59
guest
4539
2024-12-18 16:25
BootstrapperV1.23_1.exe
02c70d9d6696950c198db93b7f6a835e
Malicious Library
.NET framework(MSIL)
UPX
PE File
PE64
.NET EXE
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
Tofsee
Windows
ComputerName
crashed
4
gitlab.com(172.65.251.78) - malware
getsolara.dev(172.67.203.125) - mailcious
104.21.93.27
172.65.251.78 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.4
59
guest
4540
2024-12-18 16:19
av.exe
c5ca67c0bbc8b248cea971121e96e93d
Gen1
Generic Malware
PhysicalDrive
Downloader
Malicious Library
WinRAR
UPX
Malicious Packer
Antivirus
Confuser .NET
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
pe
VirusTotal
Malware
powershell
PDB
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
WMI
Creates shortcut
Creates executable files
unpack itself
Windows utilities
Disables Windows Security
powershell.exe wrote
suspicious process
AppData folder
WriteConsoleW
installed browsers check
Windows
Browser
ComputerName
RCE
Cryptographic key
crashed
15.6
40
ZeroCERT
4541
2024-12-18 16:17
AwT7h8g.exe
bc6009246c4e40f200cad9bdaaf25f50
Generic Malware
UPX
Malicious Library
Malicious Packer
PE File
.NET EXE
PE32
DLL
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
3.0
36
ZeroCERT
4542
2024-12-18 16:15
bo.js
32254df5cf8de301c1266c7905a7b5a4
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
5.8
20
ZeroCERT
4543
2024-12-17 18:05
Schimbare date bancare FM ROMA...
a753499ff9fc03d1b0b465b447b9b73a
PDF
0.4
guest
4544
2024-12-16 19:27
ScreenUpdateSync.exe
27754b6abff5ca6e4b1183526f9517dd
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
unpack itself
1.2
28
ZeroCERT
4545
2024-12-16 19:27
3EUEYgl.exe
3b8b3018e3283830627249d26305419d
Themida
UPX
PE32
PE File
VirusTotal
Malware
Telegram
Malicious Traffic
Checks debugger
unpack itself
Checks Bios
Detects VMWare
VMware
anti-virtualization
Tofsee
Windows
ComputerName
DNS
crashed
2
https://steamcommunity.com/profiles/76561199807592927
https://t.me/detct0r
5
t.me(149.154.167.99) - mailcious
steamcommunity.com(104.76.74.15) - mailcious
149.154.167.99 - mailcious
104.74.170.104 - mailcious
65.109.242.111
3
ET INFO Observed Telegram Domain (t .me in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
9.6
58
ZeroCERT
Total : 54,215cnts