Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
45991
2024-07-11 14:01
Pillager.exe
bc185611c97935de704feec4898a12cb
Browser Login Data Stealer
Suspicious_Script_Bin
Malicious Library
Malicious Packer
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
PDB
suspicious privilege
Check memory
Checks debugger
unpack itself
Browser
Email
Software
crashed
4.4
M
56
ZeroCERT
45992
2024-07-11 14:04
et.exe
c5099467ee088a00183440db0dc4b09d
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
0.6
M
2
ZeroCERT
45993
2024-07-11 14:06
doh.exe
820562b1432bd540f32b277ce5e6f749
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
crashed
1.4
M
27
ZeroCERT
45994
2024-07-11 17:17
mk.mk.mk.mkmkmk.doc
f48645f93407473fccd3d921827b876e
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
exploit crash
unpack itself
Exploit
DNS
crashed
1
Info
×
198.46.178.161 - mailcious
5.2
M
38
guest
45995
2024-07-11 17:19
hy.hy.hy.hyhyhy.doc
475ca8bafdf4415277b388b64edc3313
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
exploit crash
Exploit
DNS
crashed
1
Info
×
45.137.22.78 - mailcious
4.4
M
38
ZeroCERT
45996
2024-07-11 17:30
ghj.ghj.ghj.ghj.doc
d55328b7b87c986b84e60450453840c1
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
Exploit
DNS
crashed
1
Keyword trend analysis
×
Info
×
http://139.99.220.222/99199/igcc.exe
1
Info
×
139.99.220.222 - malware
1
Info
×
ET INFO Executable Download from dotted-quad Host
4.2
M
39
ZeroCERT
45997
2024-07-11 17:47
vd.txt.vbs
f3a9219e977b293b8cb364f8c8378284
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
Keyword trend analysis
×
Info
×
http://66.225.254.182:222/reg.jpg
1
Info
×
66.225.254.182 - mailcious
10.2
M
9
ZeroCERT
45998
2024-07-11 17:48
reg.jpg.vbs
ed5c34496df2011a496b53abc7034a0d
Generic Malware
Antivirus
VirusTotal
Malware
powershell
AutoRuns
Check memory
Creates executable files
unpack itself
WriteConsoleW
Windows
ComputerName
Cryptographic key
3.6
M
22
ZeroCERT
45999
2024-07-11 18:12
Books_A0UJKO.pdf.url
461b3386de6d58f773233d9d5536672e
AntiDebug
AntiVM
PNG Format
MSOffice File
JPEG Format
VirusTotal
Malware
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
Keyword trend analysis
×
Info
×
http://cbmelipilla.cl/te/test1.html - rule_id: 41189
http://cbmelipilla.cl/te/test1.html
2
Info
×
cbmelipilla.cl(184.171.244.113)
184.171.244.113 - malware
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
1
Info
×
http://cbmelipilla.cl/te/test1.html
4.6
6
ZeroCERT
46000
2024-07-12 09:23
逾期发票 5453909172 Overdue Invoic...
19e8240ab5c08dbe365b9b8047b2c9d2
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
2.8
23
ZeroCERT
46001
2024-07-12 09:24
Tan.jpg.dll
d8402908a8e78bb04f0745c963d4b1c1
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE32
OS Processor Check
VirusTotal
Malware
Checks debugger
unpack itself
Remote Code Execution
2.4
M
21
ZeroCERT
46002
2024-07-12 09:44
ddmc.txt.exe
db4d78d424d581692cb5483951e32ac5
Hide_EXE
VirusTotal
Malware
0.4
M
7
ZeroCERT
46003
2024-07-12 09:45
ddmc.txt.exe
ec4eddc1c6478a9b66e1884925326379
RedLine stealer
Malicious Library
.NET framework(MSIL)
PE File
PE32
VirusTotal
Malware
0.8
20
ZeroCERT
46004
2024-07-12 09:45
R28JUNIOSOST.txt.exe
75d689afb9d588ba45169a8cf4134972
Browser Login Data Stealer
Generic Malware
Downloader
Malicious Library
Malicious Packer
UPX
PE File
PE32
OS Processor Check
Malware download
Remcos
VirusTotal
Malware
Malicious Traffic
Check memory
Windows
DNS
DDNS
keylogger
1
Keyword trend analysis
×
Info
×
http://geoplugin.net/json.gp
4
Info
×
geoplugin.net(178.237.33.50)
newssssssssssssss.duckdns.org(152.201.191.104)
152.201.191.104
178.237.33.50
4
Info
×
ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
ET MALWARE Remcos 3.x Unencrypted Checkin
ET MALWARE Remcos 3.x Unencrypted Server Response
3.8
64
ZeroCERT
46005
2024-07-12 15:55
RGBC.txt.exe
80f5b85ee5d79f166a66a2318e06cd3d
Browser Login Data Stealer
Generic Malware
Downloader
Malicious Library
Malicious Packer
UPX
PE File
PE32
OS Processor Check
Remcos
VirusTotal
Malware
Malicious Traffic
Check memory
Windows
DNS
DDNS
keylogger
1
Keyword trend analysis
×
Info
×
http://geoplugin.net/json.gp
4
Info
×
geoplugin.net(178.237.33.50)
sembe.duckdns.org(194.187.251.115) - mailcious
178.237.33.50
194.187.251.115 - mailcious
3
Info
×
ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
ET JA3 Hash - Remcos 3.x/4.x TLS Connection
3.8
67
ZeroCERT
First
Previous
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
Next
Last
Total : 48,231cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
