No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
47266
2024-08-19 14:16
kole.exe
16830811ca935d33413fee5651873ac8
Generic Malware
Malicious Library
Downloader
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Checks debugger
Creates executable files
unpack itself
Tofsee
1
https://bitbucket.org/fcsdcvscvc/sadcasdv/downloads/slavamerlov.exe
2
bitbucket.org(104.192.140.24) - malware
104.192.140.26 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.2
M
19
ZeroCERT
47267
2024-08-19 14:17
66bddfc358668_stealc.exe
ef05d64893224900ae27b3d2ac8323cc
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
ComputerName
2.8
M
40
ZeroCERT
47268
2024-08-19 14:18
traints.vbs
91056f72aff8e4376be1a87bace0b941
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
2
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
2
ZeroCERT
47269
2024-08-19 14:19
File3.exe
f73c153f9056229a47d13698343f57bc
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
0.6
M
3
ZeroCERT
47270
2024-08-19 14:20
66c0b1c0b0cf5_crypted.exe#1
0111a6173931e73350f12c56d3a4192d
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
ComputerName
2.8
M
47
ZeroCERT
47271
2024-08-19 14:21
pcstoryrestart.exe
b69808cf234575a70239f8cfde03d77d
CoinMiner
AutoIt
Generic Malware
UPX
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
sandbox evasion
3.0
M
40
ZeroCERT
47272
2024-08-19 14:22
deluuvip.exe
8d9995faeab9942de05f4fcd833e0577
Generic Malware
UPX
PE File
PE32
VirusTotal
Malware
Checks debugger
unpack itself
sandbox evasion
Browser
3.8
M
44
ZeroCERT
47273
2024-08-19 14:24
DarkPacked.exe
6446245c985087b919aa69304d1a8cac
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
Malicious Packer
UPX
PE File
PE32
MZP Format
OS Processor Check
PE64
VirusTotal
Malware
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
Windows
ComputerName
crashed
5.6
M
15
ZeroCERT
47274
2024-08-19 14:25
TMS_AU003.exe
c010213e251fe238f0d14997e095ecd1
Malicious Library
Downloader
Admin Tool (Sysinternals etc ...)
UPX
PE File
DllRegisterServer
dll
PE32
MZP Format
OS Processor Check
VirusTotal
Malware
Check memory
unpack itself
crashed
2.0
M
5
ZeroCERT
47275
2024-08-19 14:25
66bf6c17b76df_file.exe
2dc4f429bb5eab87e58f960d961591d8
Malicious Library
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
PDB
Remote Code Execution
2.2
M
49
ZeroCERT
47276
2024-08-19 14:26
cvef.exe
5b24b568922198941e4bd8f8c7ac35c8
Generic Malware
Malicious Library
Downloader
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
Checks debugger
Creates executable files
Tofsee
1
https://bitbucket.org/fcsdcvscvc/sadcasdv/downloads/MessageBox.exe
2
bitbucket.org(104.192.140.26) - malware
104.192.140.25
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.4
M
14
ZeroCERT
47277
2024-08-19 14:27
NetMaster_Client.exe
9c4a2a98a09549e8175607a271e202bf
Generic Malware
Malicious Library
Downloader
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
1.2
M
34
ZeroCERT
47278
2024-08-19 14:28
Downcqhz.exe
abe1acbaee58d0bedb308fd03714d9d0
Generic Malware
UPX
PE File
PE32
VirusTotal
Malware
Checks debugger
Windows
2
http://wieie.cn:8765/Down/List - rule_id: 40515
http://wieie.cn:8765/Down/List
2
wieie.cn(58.23.215.23) - malware
58.23.215.23 - malware
1
ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile
1
http://wieie.cn:8765/Down/List
2.0
M
35
ZeroCERT
47279
2024-08-19 14:29
66bddfcb52736_vidar.exe
e8e3bda68ae03ea279e5030f8431f6e9
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
ComputerName
2.4
M
27
ZeroCERT
47280
2024-08-19 14:30
dbzinifix.exe
54fb16a53cf14d68db5111ed6530251d
Generic Malware
UPX
PE File
PE32
VirusTotal
Malware
Checks debugger
2.6
M
43
ZeroCERT
Total : 48,166cnts