Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
46021
2024-07-14 17:53
Ndhqvdmn-1.exe
db361206702d61f0beff5f87508152e5
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.4
M
57
ZeroCERT
46022
2024-07-14 17:54
Microsoft_Service.exe
1644c4839846a1b6524e38071528a564
Malicious Library
Malicious Packer
Antivirus
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
63
ZeroCERT
46023
2024-07-14 17:56
Q-backup.exe
55f03bade4a94d05b69e40b38b8554ae
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
ComputerName
Cryptographic key
3.2
M
59
ZeroCERT
46024
2024-07-14 17:56
1.exe
2b292145e4ec28e8bd8b22c1353543d1
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.2
M
34
ZeroCERT
46025
2024-07-14 17:58
fatherscientificpro.zip
23cad24465d730936b5c3d2b7de5bfd1
ZIP Format
VirusTotal
Malware
1.2
M
42
ZeroCERT
46026
2024-07-14 17:58
potkmdaw.exe
cefc3739d099bae51eb2a9d3887ac12c
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
PE64
OS Proces
VirusTotal
Malware
PDB
MachineGuid
Code Injection
Creates executable files
ICMP traffic
AppData folder
Remote Code Execution
DNS
1
Info
×
95.169.205.186 - mailcious
7.4
M
49
ZeroCERT
46027
2024-07-14 18:00
Sazae-1.exe
4695f98bf6e8c0908c0b6af77ec31a6c
Emotet
Hide_EXE
Malicious Library
.NET framework(MSIL)
UPX
Anti_VM
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
ComputerName
Cryptographic key
2.8
M
61
ZeroCERT
46028
2024-07-14 18:02
random.exe
f7a1094ec901c30a546487c8aa2a3093
EnigmaProtector
PE File
PE32
VirusTotal
Malware
Check memory
ICMP traffic
unpack itself
Collect installed applications
sandbox evasion
anti-virtualization
installed browsers check
Browser
ComputerName
DNS
crashed
1
Keyword trend analysis
×
Info
×
http://85.28.47.4/920475a59bac849d.php
1
Info
×
85.28.47.4 - mailcious
7.8
M
64
ZeroCERT
46029
2024-07-15 09:19
217.exe
42e2d273ee6215957f2b979737a74b45
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
1.2
26
ZeroCERT
46030
2024-07-15 09:19
SIP.03746.XSLSX.exe
a3e681364daaa68ce0177581573f483f
Malicious Library
Antivirus
UPX
DllRegisterServer
dll
PE File
PE32
MZP Format
VirusTotal
Malware
1.4
38
ZeroCERT
46031
2024-07-15 09:19
1PDF.FaturaDetay_202407.exe
d8bf792f818877bf4848fde9511caeb8
Malicious Library
Antivirus
UPX
DllRegisterServer
dll
PE File
PE32
MZP Format
VirusTotal
Malware
1.6
44
ZeroCERT
46032
2024-07-15 09:19
AntiVirus2.exe
e81179996dbd2490c45ca13d80eae0a8
PE File
.NET EXE
PE32
VirusTotal
Malware
1.6
M
58
ZeroCERT
46033
2024-07-15 09:19
pqjvyogm.exe
6498c822022751dbe8abb655e6ac9db0
PE File
.NET EXE
PE32
0.4
M
ZeroCERT
46034
2024-07-15 09:21
dmi.txt.vbs
7e4e5ec429a0738c15593112bcf50406
Antivirus
VirusTotal
Malware
0.8
M
23
ZeroCERT
46035
2024-07-15 09:21
nlb.txt.vbs
afd1fa691ac9b0ab5b39fd8a0d0e40d7
Antivirus
VirusTotal
Malware
0.6
M
10
ZeroCERT
First
Previous
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
Next
Last
Total : 48,231cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
