Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
47131
2024-08-14 11:03
build2.exe
f9a4f6684d1bf48406a42921aebc1596
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
Remote Code Execution
1.4
M
29
ZeroCERT
47132
2024-08-14 11:05
sihost.exe
6fe36f5cd0c522ca1241658ec2553db3
NSIS
Suspicious_Script_Bin
Malicious Library
UPX
PE File
PE32
DLL
VirusTotal
Malware
AppData folder
1.6
M
36
ZeroCERT
47133
2024-08-14 12:51
sweetbutterbuneatingtaste.tIF....
2a0bc2d3b145137365f74c8bf924f3fa
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
ICMP traffic
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
1
http://servidorwindows.ddns.com.br/Files/vbs.jpeg
2
servidorwindows.ddns.com.br(177.106.217.75) - malware
177.106.217.75 - malware
8.4
M
3
ZeroCERT
47134
2024-08-14 12:51
seethegreatkidmagicshowflowers...
b07bb33dc71393bfe8ad794f364179b5
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
2
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
M
5
ZeroCERT
47135
2024-08-14 12:51
ud.bat
aec611e3084360058cd20db4700ab825
Generic Malware
Downloader
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
4.4
5
ZeroCERT
47136
2024-08-14 12:52
weneednewgirlforcoverthisnewth...
aaeaa23a77a5ced5705223f3e2aa4424
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
ICMP traffic
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
1
http://servidorwindows.ddns.com.br/Files/vbs.jpeg
2
servidorwindows.ddns.com.br(177.106.217.75) - malware
177.106.217.75 - malware
8.4
M
6
ZeroCERT
47137
2024-08-14 13:23
rt.jar
543e736a1f4b4f0cb420b076b478e85b
ZIP Format
OS Processor Check
VirusTotal
Malware
Check memory
RWX flags setting
unpack itself
WriteConsoleW
crashed
2.2
M
22
ZeroCERT
47138
2024-08-14 13:24
xray.jar
3f246b284761704212308800478263aa
ZIP Format
VirusTotal
Malware
Check memory
heapspray
unpack itself
Java
2.0
M
1
ZeroCERT
47139
2024-08-14 13:25
qraken.jar
e6eb86a620745a444b1c16b2415152b1
ZIP Format
Check memory
RWX flags setting
unpack itself
WriteConsoleW
crashed
1.4
M
ZeroCERT
47140
2024-08-14 13:26
dual.jar
452396a61bf5e2b477d9b84cf05a79f3
ZIP Format
Check memory
heapspray
unpack itself
Java
1.6
M
ZeroCERT
47141
2024-08-14 13:29
ngrok86.exe
1e0a83fac6922bde341193e7085a6f33
Malicious Library
Malicious Packer
UPX
PE File
ftp
PE32
wget
OS Processor Check
VirusTotal
Malware
WriteConsoleW
1.0
M
17
ZeroCERT
47142
2024-08-14 13:30
wethingsaboutentirethingstobeb...
14063e76ac284744cb2ba86de57b9072
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
ICMP traffic
RWX flags setting
exploit crash
Exploit
DNS
DDNS
crashed
1
http://172.245.135.143/90/seetheimagesforflowerstosee.gIF
3
servidorwindows.ddns.com.br(177.106.217.75) - malware
177.106.217.75 - malware
172.245.135.143 - mailcious
6.8
M
33
ZeroCERT
47143
2024-08-14 13:30
clubtogetmebackwithenitre.tIF....
74e12553c5aa21d2f28017b82157bbf5
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
2
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
M
4
ZeroCERT
47144
2024-08-14 13:32
sweetgirlwanttolikemewithentir...
0ec5ddae9e2d5025ee5bcb87dd41aac6
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
1
http://192.210.150.15/xampp/kb/clubtogetmebackwithenitre.tIF
3
ia803104.us.archive.org(207.241.232.154) - malware
192.210.150.15 - mailcious
207.241.232.154 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
38
ZeroCERT
47145
2024-08-14 13:34
hz.jar
785a5628c056701f9a9a73cb0505d3b0
ZIP Format
OS Processor Check
VirusTotal
Malware
Check memory
RWX flags setting
unpack itself
WriteConsoleW
crashed
2.0
M
17
ZeroCERT
Total : 48,166cnts