Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
46201
2024-07-22 11:23
Oxdmnmj-OLD-3.pif
7f8b6cd2d698880ab241c94d3b2ffc66
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
4.8
M
61
ZeroCERT
46202
2024-07-22 11:23
CrowdStrike.exe
755c0350038daefb29b888b6f8739e81
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
6.0
23
ZeroCERT
46203
2024-07-22 11:24
Web-Source-2.exe
017fe34b7a5a976740fb655f2a6e626d
Generic Malware
Malicious Library
Antivirus
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
5.0
M
59
ZeroCERT
46204
2024-07-22 11:26
AnyClesk.ps1
36b6376a1763c4751be6f698b6bf2ce9
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
Buffer PE
Check memory
buffers extracted
Creates executable files
unpack itself
Windows utilities
AppData folder
WriteConsoleW
Windows
Cryptographic key
5.0
M
11
ZeroCERT
46205
2024-07-22 11:28
archcw.ps1
d5fb489e2165e7091c7bd8a9852670be
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
Check memory
Creates executable files
unpack itself
Windows utilities
AppData folder
WriteConsoleW
Windows
Cryptographic key
crashed
4.0
M
1
ZeroCERT
46206
2024-07-22 12:22
CrowdStrike.exe
755c0350038daefb29b888b6f8739e81
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
6.8
23
ZeroCERT
46207
2024-07-22 13:34
archcwbat.ps1
0f057026500cb35b3c3bcf5af8d6c9d8
Generic Malware
Antivirus
Check memory
Creates executable files
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.4
ZeroCERT
46208
2024-07-22 13:35
attack.jpeg.ps1
2787b74f86388778186aa50c042d2763
Generic Malware
Antivirus
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
Buffer PE
AutoRuns
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
Cryptographic key
9.2
M
3
ZeroCERT
46209
2024-07-22 13:35
clean.bat
28e0005fbeabc65cb66c81f9ed616b62
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Malware download
VirusTotal
Malware
Malicious Traffic
Check memory
Checks debugger
Creates executable files
Check virtual network interfaces
WriteConsoleW
ComputerName
Trojan
DNS
2
http://108.174.58.28/0.exe - rule_id: 41308
http://108.174.58.28/0.exe
1
108.174.58.28 - malware
2
ET MALWARE Single char EXE direct download likely trojan (multiple families)
ET INFO Executable Download from dotted-quad Host
1
http://108.174.58.28/0.exe
5.0
3
ZeroCERT
46210
2024-07-22 14:25
win.txt.exe
ad49cc932660b3b8ce1460da383b814b
UPX
PE File
DLL
PE64
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
suspicious process
crashed
1.8
M
2
ZeroCERT
46211
2024-07-22 14:26
inject.txt.exe
03bed904291f531fc5381307e361b70f
PE File
DLL
PE64
VirusTotal
Malware
unpack itself
DNS
crashed
1
185.208.158.176 - malware
1
ET DROP Spamhaus DROP Listed Traffic Inbound group 33
3.8
M
53
ZeroCERT
46212
2024-07-22 17:45
deepweb2.exe
cdcf164d5d8fac1ce015d142cf83e105
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
unpack itself
crashed
2.4
49
ZeroCERT
46213
2024-07-22 17:46
Server.exe
5133a39682e9f9c6b6245193d0e71c8a
njRAT
backdoor
Generic Malware
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
WriteConsoleW
2.6
64
ZeroCERT
46214
2024-07-22 17:48
Client-built.exe
e0bd71734fc197f5d445a0220c946718
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
54
ZeroCERT
46215
2024-07-22 17:50
deepweb.exe
478d0787cddfa1a31e3480d1612c91b7
Generic Malware
Malicious Library
Malicious Packer
UPX
DllRegisterServer
dll
PE File
PE64
OS Processor Check
VirusTotal
Malware
1.0
30
ZeroCERT
Total : 48,230cnts