Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
45451
2024-06-19 10:01
AntiVirus4.exe
0073055ad7552b19ea9a239023318374
Malicious Packer
Malicious Library
Antivirus
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
DNS
1
125.253.92.50
2.6
M
54
ZeroCERT
45452
2024-06-19 10:02
Rihypax_LetThereBeNightingale_...
02e07416de23472dfcc5a97ea6c94fab
Generic Malware
Downloader
Malicious Packer
Malicious Library
.NET framework(MSIL)
UPX
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Ant
Browser Info Stealer
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
ICMP traffic
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
Windows
Browser
ComputerName
DNS
Cryptographic key
1
125.253.92.50
9.6
M
49
ZeroCERT
45453
2024-06-19 10:03
2345.exe
7936c4064fbc9b69fba8b5f0d44a2482
Generic Malware
Malicious Packer
Malicious Library
UPX
Anti_VM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
AntiVM_Disk
sandbox evasion
VM Disk Size Check
Windows
Browser
DNS
crashed
1
152.136.174.2 - mailcious
5.2
M
62
ZeroCERT
45454
2024-06-19 10:03
csrss.exe
08475c0ab2386f3353d1c2f254a839c3
Client SW User Data Stealer
Backdoor
RemcosRAT
browser
info stealer
Google
Chrome
User Data
Downloader
Malicious Packer
Malicious Library
Antivirus
UPX
Create Service
Socket
ScreenShot
Escalate priviledges
PWS
Sniff Audio
DNS
Internet API
KeyLogger
AntiDe
Remcos
VirusTotal
Malware
Code Injection
Malicious Traffic
Check memory
buffers extracted
Remote Code Execution
1
http://geoplugin.net/json.gp
4
geoplugin.net(178.237.33.50)
bossnacarpet.com(107.173.4.18)
178.237.33.50
107.173.4.18 - malware
1
ET JA3 Hash - Remcos 3.x/4.x TLS Connection
6.0
M
40
ZeroCERT
45455
2024-06-19 13:36
adobex.js
52251be9db3c249a21b437db2186a21c
VirusTotal
Malware
VBScript
wscript.exe payload download
ICMP traffic
Dropper
1
https://postutopia.net/wp-includes/images/smilies/icon-smile-kl.js
2
postutopia.net(51.254.27.105) - mailcious
51.254.27.105 - mailcious
10.0
21
ZeroCERT
45456
2024-06-19 13:36
vc.txt.vbs
f6f5a4cce34ca5129908c36df08d4f1a
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
1
http://23.26.77.110:888/sxe.jpg
6.0
M
8
ZeroCERT
45457
2024-06-19 13:37
AntiVirus.exe
6945668834c3c7223d4d98e0e89428ec
Generic Malware
Downloader
Malicious Packer
Malicious Library
.NET framework(MSIL)
UPX
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Ant
Browser Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
powershell
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
ICMP traffic
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Ransomware
Windows
Browser
ComputerName
Cryptographic key
9.8
M
46
ZeroCERT
45458
2024-06-19 14:00
new_image.jpg.exe
3bc246a912d5b2c5db59f9421808d1eb
Malicious Library
UPX
DLL
PE File
PE32
OS Processor Check
.NET DLL
VirusTotal
Malware
PDB
1.0
28
ZeroCERT
45459
2024-06-19 14:15
new_image.jpg.exe
3bc246a912d5b2c5db59f9421808d1eb
Malicious Library
UPX
DLL
PE File
PE32
OS Processor Check
.NET DLL
VirusTotal
Malware
PDB
1.0
28
ZeroCERT
45460
2024-06-19 14:20
invoice.exe
dfc21ed56aafad102fd6b985a15f8423
Malicious Library
UPX
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Creates executable files
crashed
4.8
24
ZeroCERT
45461
2024-06-19 14:20
lucas.exe
6ac7718e6b8ac2b54f6ad121b1589d99
Malicious Packer
Malicious Library
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.8
36
ZeroCERT
45462
2024-06-19 14:29
build.exe
e59cb9f032187838b2be9823757bb85a
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
DNS
1
91.92.244.178
1
ET DROP Spamhaus DROP Listed Traffic Inbound group 13
1.0
ZeroCERT
45463
2024-06-19 14:35
x.exe
5d53a02ab5d5d587f2ed596908d59a01
Malicious Library
Antivirus
UPX
PE File
.NET EXE
PE32
OS Processor Check
suspicious privilege
MachineGuid
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
Cryptographic key
2.8
M
ZeroCERT
45464
2024-06-19 14:36
obf.exe
47978fd3f8bef45e4cd2e45c317c8f49
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Anti_VM
PE64
PE File
OS Processor Check
DLL
ZIP Format
VirusTotal
Malware
Check memory
Creates executable files
1.6
M
10
ZeroCERT
45465
2024-06-19 14:40
gui.exe
8af55ab72dc0c45e52c7af0752cbbc4a
NSIS
Generic Malware
Malicious Library
UPX
Antivirus
PE File
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
WMI
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
6.6
26
ZeroCERT
Total : 48,289cnts