Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
48106
2024-09-17 14:29
Client_protected.exe
19574d1c471ceaa99d0d05321e7beba4
Generic Malware
UPX
Anti_VM
PE File
.NET EXE
PE32
VirusTotal
Malware
1.8
M
58
ZeroCERT
48107
2024-09-17 14:30
66c62b70f281e_tz4j.exe
9fb83bee6ff97065c498f48fc094f848
HermeticWiper
PhysicalDrive
Generic Malware
Malicious Library
Malicious Packer
Antivirus
UPX
PE File
ftp
PE64
OS Processor Check
VirusTotal
Malware
PDB
Creates executable files
unpack itself
ComputerName
crashed
4.2
M
49
ZeroCERT
48108
2024-09-17 14:31
Ghost_0x000263826B9A9B91.exe
11df28c910c9d9127a7e7054e9cadf1f
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
1.4
M
43
ZeroCERT
48109
2024-09-17 14:34
ueu7.exe
3f96ae0cd28b2a63dee0fdcd2105d8a2
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
ComputerName
2.4
M
57
ZeroCERT
48110
2024-09-17 14:34
66e5f96b41510_GageEpa.exe#111u...
43044a8822f069feddd9c02fe36d8517
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
sandbox evasion
WriteConsoleW
Windows
ComputerName
7.4
M
30
ZeroCERT
48111
2024-09-17 14:35
setup2.exe
049ffcac0769d5d449839aae7853aaf2
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.0
M
35
ZeroCERT
48112
2024-09-19 09:35
Quote_90614201_2024-10-16.pdf
b5796526f9522c44439fd5c5370edd64
PDF
unpack itself
Windows utilities
Windows
1.4
guest
48113
2024-09-19 09:36
gefox.exe
ee42c29675d7fc861464f7265f55e42f
Emotet
Gen1
Malicious Library
UPX
PE File
PE32
MZP Format
PE64
OS Processor Check
DLL
VirusTotal
Malware
Checks debugger
Creates executable files
unpack itself
AppData folder
3.4
M
40
ZeroCERT
48114
2024-09-19 09:38
66e80492300c8_cry.exe
fef7cb7c3bd0e8204e3e7fecc544e6e6
RedLine Infostealer
UltraVNC
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
Malware download
VirusTotal
Malware
PDB
Stealer
DNS
1
89.105.223.249 - mailcious
1
ET MALWARE [ANY.RUN] MetaStealer v.5 CnC Activity (MC-NMF TLS SNI)
2.4
M
57
ZeroCERT
48115
2024-09-19 09:39
kin.exe
2eac5118a040a13e0207693aabfe88fe
AgentTesla
Malicious Library
Malicious Packer
UPX
PE File
OS Memory Check
.NET EXE
PE32
OS Name Check
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
IP Check
Windows
Browser
Email
ComputerName
DNS
Software
crashed
keylogger
1
http://ip-api.com/line/?fields=hosting
2
ip-api.com(208.95.112.1)
208.95.112.1
2
ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com)
ET POLICY External IP Lookup ip-api.com
7.8
M
57
ZeroCERT
48116
2024-09-19 09:39
random.exe
a71fec0e25fa74c137793c874ee77c4e
RedLine stealer
Generic Malware
Malicious Library
UPX
Code injection
Anti_VM
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
RWX flags setting
exploit crash
unpack itself
malicious URLs
installed browsers check
Ransomware
Exploit
Browser
crashed
9.6
M
41
ZeroCERT
48117
2024-09-19 09:40
main.exe
2cd03a08efea2cffdd6ba16757a8800a
Malicious Library
PE File
PE64
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
1
101.34.79.123
5.2
M
61
ZeroCERT
48118
2024-09-19 09:41
DEMONCODER.dll
7d9c5df6d1a2f85004890dc0c3d287a3
Malicious Packer
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
PDB
1.4
M
48
ZeroCERT
48119
2024-09-19 09:41
trueburner.exe
1f51751ae5a114af8b47a3f6ee663bec
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
DllRegisterServer
dll
PE32
OS Processor Check
VirusTotal
Malware
1.4
M
44
ZeroCERT
48120
2024-09-19 09:42
seethegreatthingsonherewithmef...
0edaacfdd31f608fd4fb9e440a2d9d7f
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Exploit
DNS
crashed
1
http://198.23.133.156/775/picturewithgoodviewthingsbetter.tIF
1
198.23.133.156 - mailcious
4.6
M
38
ZeroCERT
Total : 48,166cnts