Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
46411
2024-07-30 07:54
zbi.exe
0534ab10184891cd61d262bfd79b7b4c
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
PDB
0.2
ZeroCERT
46412
2024-07-30 07:54
svchac.exe
60911c2b06b79fb3827c5ee11abc3eca
Gen1
Generic Malware
Malicious Library
ASPack
UPX
Anti_VM
PE File
PE64
OS Processor Check
DLL
ZIP Format
Check memory
Creates executable files
1.0
M
ZeroCERT
46413
2024-07-30 09:26
btpooxygenthingsrgreattonderst...
432a2f5af4e1bf29730f042f0d39178f
MS_RTF_Obfuscation_Objects
RTF File
doc
Malware download
VirusTotal
Malware
Malicious Traffic
exploit crash
unpack itself
Exploit
DNS
crashed
2
http://192.227.225.166/98/weareinonlinewithnewthingsalwayshave.gIF
http://198.46.176.133/Upload/vbs.jpeg - rule_id: 41176
2
198.46.176.133 - mailcious
192.227.225.166
2
ET MALWARE Base64 Encoded MZ In Image
ET MALWARE Malicious Base64 Encoded Payload In Image
1
http://198.46.176.133/Upload/vbs.jpeg
4.6
M
38
ZeroCERT
46414
2024-07-30 09:27
heistheheroofnewthingstogetmeb...
f7c34c11bb5d9cdcece78edae0beff42
MS_RTF_Obfuscation_Objects
RTF File
doc
Malware download
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Exploit
DNS
crashed
2
http://198.46.176.133/Upload/vbs.jpeg - rule_id: 41176
http://109.248.144.173/450/seemsitsgreattoreleasethedargonpily.gIF
2
109.248.144.173
198.46.176.133 - mailcious
2
ET MALWARE Base64 Encoded MZ In Image
ET MALWARE Malicious Base64 Encoded Payload In Image
1
http://198.46.176.133/Upload/vbs.jpeg
4.8
M
40
ZeroCERT
46415
2024-07-30 09:36
event.php
61c5a8e414a47b8cc2c69e1ac4370a35
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
AutoRuns
Checks debugger
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
3.6
50
ZeroCERT
46416
2024-07-30 09:44
22per.php.vbs
6c61c7dcca01a5e17a8bc707e1819fd8
Generic Malware
Antivirus
OS Processor Check
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.0
ZeroCERT
46417
2024-07-30 09:44
22per2.php.vbs
50520f18c7641f87940cfba2a9659c8b
Generic Malware
Antivirus
OS Processor Check
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.0
ZeroCERT
46418
2024-07-30 09:45
BEN.txt.exe
550a8fd698db084dde7fd1878981a9a8
Browser Login Data Stealer
Generic Malware
Downloader
Malicious Library
Malicious Packer
UPX
PE File
PE32
OS Processor Check
Remcos
VirusTotal
Malware
Malicious Traffic
Check memory
Windows
DNS
DDNS
keylogger
1
http://geoplugin.net/json.gp
4
geoplugin.net(178.237.33.50)
tochisglobal.ddns.net(103.253.17.222)
178.237.33.50
103.253.17.222
2
ET POLICY DNS Query to DynDNS Domain *.ddns .net
ET JA3 Hash - Remcos 3.x/4.x TLS Connection
3.8
62
ZeroCERT
46419
2024-07-30 09:48
UPBIT_20240729.docx.lnk
6793c3d6438553222f5e8ed2ee8c3ebf
Generic Malware
Antivirus
AntiDebug
AntiVM
Lnk Format
GIF Format
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Java
ComputerName
Cryptographic key
7.2
14
ZeroCERT
46420
2024-07-30 09:48
수정본_20240729.docx.lnk
1bb62f16635e0bcaf7b4ac2c27ceac71
Generic Malware
Antivirus
AntiDebug
AntiVM
Lnk Format
GIF Format
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Java
ComputerName
Cryptographic key
7.2
19
ZeroCERT
46421
2024-07-30 09:50
s6790.vbs
9cd28988bbf3082be4a3f55a35a74728
Generic Malware
Antivirus
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
7.4
9
ZeroCERT
46422
2024-07-30 09:50
R7424.vbs
8ed012ccd8d23a8ff8e7b899a1e731c5
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.8
9
ZeroCERT
46423
2024-07-30 09:51
p.ps1
35331e753312b7f595f0b07a6307b2ef
Generic Malware
Antivirus
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.0
ZeroCERT
46424
2024-07-30 10:04
vbs.jpg.exe
d783b01173fc303ec28a741b88fe1a3d
Malicious Library
Malicious Packer
UPX
PE File
DLL
PE32
.NET DLL
OS Processor Check
VirusTotal
Malware
PDB
0.6
7
ZeroCERT
46425
2024-07-30 10:04
seemsitsgreattoreleasethedargo...
1e06a0b540d76abb6e2712fa7e37138a
Generic Malware
Antivirus
PowerShell
Malware download
VirusTotal
Malware
powershell
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
http://198.46.176.133/Upload/vbs.jpeg - rule_id: 41176
1
198.46.176.133 - mailcious
2
ET MALWARE Base64 Encoded MZ In Image
ET MALWARE Malicious Base64 Encoded Payload In Image
1
http://198.46.176.133/Upload/vbs.jpeg
8.8
M
4
ZeroCERT
Total : 48,230cnts