Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
46096
2020-10-19 09:21
eh.exe
4d0f2cb16083c2c99e05cdb59f2d3243
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
7.2
M
27
guest
46097
2020-10-19 09:18
REP_20201018_L386.doc
57bf98d84c86b699f5173c9f624ba0ba
Vulnerability
VirusTotal
Malware
unpack itself
malicious URLs
3.6
M
38
guest
46098
2020-10-19 07:59
http://flowerdeliverypasadena....
2bdc8f8afab8ee9ba26576c526d0940b
VirusTotal
Malware
AutoRuns
Code Injection
Malicious Traffic
Creates executable files
RWX flags setting
exploit crash
unpack itself
Windows utilities
Auto service
malicious URLs
AntiVM_Disk
sandbox evasion
VM Disk Size Check
human activity check
Windows
Exploit
Advertising
ComputerName
DNS
Cryptographic key
crashed
Urls (3):
http://221.147.142.214/5ppQWBDnD6xsz0/bU5WdybLOsx4s9ydOD/yuAatcr03S6XkO/
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
http://flowerdeliverypasadena.com/wp-content/J8tPsVAF4/
Hosts (3):
104.247.73.198
117.18.232.200
221.147.142.214
IDS (3):
ET POLICY Terse Named Filename EXE Download - Possibly Hostile
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO EXE - Served Attached HTTP
11.8
M
27
guest
46099
2020-10-19 07:54
https://docsecure.top/xls/0056...
d694f94ba539e86d95c6a3671dd6b455
Vulnerability
VirusTotal
Malware
MachineGuid
Code Injection
Checks debugger
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
Urls (2):
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
https://docsecure.top/xls/00569905.xls
Hosts (2):
117.18.232.200
8.209.75.30
IDS (2):
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DNS Query to a *.top domain - Likely Hostile
7.2
M
guest
46100
2020-10-18 15:46
gk.exe
ee536c45fd3fa66da13cb0b15774bd16
VirusTotal
Malware
PDB
Malicious Traffic
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
Remote Code Execution
DNS
Cryptographic key
Urls (1):
http://221.147.142.214/Qu9JBMsbMPLvwaR/YbO2MuusZrGSf3/AajR7xNy/ts97bsmiMrig/EMcQi/EDMPtpBJCtad/
Hosts (1):
221.147.142.214
6.8
32
guest
46101
2020-10-18 15:37
NuLM4gY1ZP0betPC0.exe
c5e2c5532612174b279fecae3315381f
VirusTotal
Malware
PDB
Malicious Traffic
RWX flags setting
unpack itself
malicious URLs
Windows
Advertising
ComputerName
Remote Code Execution
DNS
Cryptographic key
Urls (1):
http://2.45.176.233/dTnmqxKoaoiz9B/
Hosts (1):
2.45.176.233
6.2
22
guest
46102
2020-10-18 15:32
app.exe
a1b6ac3b694e07e64b069a56de85eb5d
VirusTotal
Malware
unpack itself
malicious URLs
Remote Code Execution
2.6
M
24
guest
46103
2020-10-18 15:22
pegasun.exe
e202bc7ccc1682624be91fe0b86d10ce
Checks debugger
unpack itself
AppData folder
malicious URLs
AntiVM_Disk
VM Disk Size Check
human activity check
3.2
guest
46104
2020-10-18 10:30
cmca.jpg.exe
cd08d517ecfc84ccb7f41549ed7b6c12
VirusTotal
Malware
powershell
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
malicious URLs
WriteConsoleW
Tofsee
Windows
ComputerName
DNS
Cryptographic key
Urls (3):
https://paste.ee/r/NCVsN
https://paste.ee/r/27WEg
https://paste.ee/r/p6mV5
Hosts (1):
104.18.49.20
IDS (1):
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.8
23
guest
46105
2020-10-18 10:29
6W3OKAFX.exe
fbc925d91c6bd5dcf275c8d1b7d05e80
VirusTotal
Malware
PDB
Malicious Traffic
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
Remote Code Execution
DNS
Cryptographic key
Urls (1):
http://208.180.207.205/AyHy54gY73a9ri7/7TA7jSKA6iHVM6eLJ/V4hnbaHSSPpV/L7LENU0r/L2wzy5vioaKw2v/7gpQPGfocLXe3rfB2qJ/
Hosts (1):
208.180.207.205
6.6
23
guest
46106
2020-10-18 10:23
melo.jpg.exe
ec56dfc73215179dcd26dd36e8d143d6
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
malicious URLs
WriteConsoleW
Tofsee
Windows
ComputerName
DNS
Cryptographic key
Urls (3):
https://paste.ee/r/BjI68
https://paste.ee/r/kwB6z
https://paste.ee/r/N1hJ9
Hosts (2):
104.18.49.20
172.67.219.133
IDS (1):
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
14.8
M
22
guest
46107
2020-10-18 10:13
amina.exe
75ea73923fd84adc68f7e68c36433351
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
malicious URLs
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
8.4
18
guest
46108
2020-10-18 10:11
sKnm1Hn2KxUk8a7VZnzU.exe
ee2feb3f7bfb3fcdf13d457bb4a4b723
VirusTotal
Malware
PDB
Malicious Traffic
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
Remote Code Execution
DNS
Cryptographic key
Urls (1):
http://208.180.207.205/WTji4ESHgML8Swz8/u63BTdnwgb6JT/u6KPePW1Y4FbI6xs312/tmW9mubSWqLK88QYGV6/oBjr1WxeNuowug09/
Hosts (1):
208.180.207.205
6.6
23
guest
46109
2020-10-18 10:05
nna.exe
0fbd8d3b0053b2b54d4d02ea956f35f8
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
malicious URLs
3.0
31
guest
46110
2020-10-18 10:04
8wtlWASKLiudHKw.exe
883c5817cdd14c561cebee838a509876
VirusTotal
Malware
PDB
Malicious Traffic
RWX flags setting
unpack itself
malicious URLs
sandbox evasion
Windows
Advertising
ComputerName
Remote Code Execution
DNS
Cryptographic key
Urls (1):
http://221.147.142.214/1y5zbbBq2HQpB/hjihh/
Hosts (1):
221.147.142.214
6.4
10
guest
Total : 48,230cnts