Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
48571
2024-10-01 17:18
wenotedfssheiscutegirltolovehe...
69504f46161b8e0834cb6394de6b99cf
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
Exploit
DNS
crashed
1
http://107.172.130.147/460/newpicturesgetmetonicewith.tIF - rule_id: 42832
1
107.172.130.147 - malicious
1
http://107.172.130.147/460/newpicturesgetmetonicewith.tIF
4.4
M
40
ZeroCERT
48572
2024-10-02 13:58
swizzz.exe
ad63629d1cc7a27553c9a52795b93d6d
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
2.2
M
65
guest
48573
2024-10-02 14:01
strings_out.txt
2c3b95067c64727e089037d1a0e71ff3
Malicious Library
ScreenShot
AntiDebug
AntiVM
0.4
guest
48574
2024-10-02 14:01
clip64.dll
b865aac4da61f8cc682d090819d12dd6
Amadey
Generic Malware
Malicious Library
UPX
PE File
DLL
PE32
OS Processor Check
VirusTotal
Malware
Malicious Traffic
Checks debugger
unpack itself
1
http://amoamosss.com/Dem7kTu/index.php - rule_id: 42872
2
amoamosss.com(80.66.89.124) - malware
80.66.89.124
1
http://amoamosss.com/Dem7kTu/index.php
3.0
M
55
ZeroCERT
48575
2024-10-02 14:03
66fbfcd0ec153_vdsgffdg15.exe
62d163b5e92c65e84a9625b0e94be1c5
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
2.6
M
23
ZeroCERT
48576
2024-10-02 14:05
66fbfcd0ec153_vdsgffdg15.exe
62d163b5e92c65e84a9625b0e94be1c5
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
2.6
M
23
ZeroCERT
48577
2024-10-02 14:07
cred64.dll
9bafe5c5cfe47a1ed2e15f2748986d92
Amadey
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE64
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
PDB
suspicious privilege
MachineGuid
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
Email
ComputerName
Cryptographic key
Software
1
http://amoamosss.com/Dem7kTu/index.php - rule_id: 42872
2
amoamosss.com(80.66.89.124) - malware
80.66.89.124
1
http://amoamosss.com/Dem7kTu/index.php
9.2
M
43
ZeroCERT
48578
2024-10-02 14:12
66fb287b4e6d5_vdfsgfd.exe
4f828f95c11479c61692052d9254022a
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
2.8
M
37
ZeroCERT
48579
2024-10-02 14:33
66fb253552d8d_sdhgdfsd.exe
dfd49d1326704cfeee9852999782e4b6
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
2.8
M
39
ZeroCERT
48580
2024-10-02 14:33
66fb287e42db8_vfdsg15.exe
9a95bf64bb82802b60c903d8c870f61d
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
3.0
M
43
ZeroCERT
48581
2024-10-02 14:35
66fbfcc9963ca_ldfsna.exe
c7e7cfc3ed17aef6c67c265389593ee3
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
ComputerName
2.8
M
36
ZeroCERT
48582
2024-10-02 14:36
ienetworkupdateshere.hta
7401654f00b94d828ea7fa91d5371bde
Generic Malware
Downloader
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
1
http://134.19.177.44/20/newpicturetogetupdatenewthings.tIF
1
134.19.177.44 - malicious
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
11.2
20
ZeroCERT
48583
2024-10-02 14:38
SPOOF.exe
801832b0eb4d855a4753bb1af311db93
Emotet
Gen1
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
Malicious Packer
ASPack
UPX
Anti_VM
PE File
DllRegisterServer
dll
PE32
OS Processor Check
VirusTotal
Malware
Malicious Traffic
Checks debugger
unpack itself
sandbox evasion
WriteConsoleW
Remote Code Execution
2
http://api2.ruikeyz.com/NetVer/webapi
http://api.ruikeyz.com/NetVer/webapi
6
api2.ruikeyz.com(165.154.8.83)
api3.ruikeyz.com(165.154.119.234)
api.ruikeyz.com(139.99.30.177)
51.79.193.76
103.245.25.86
139.99.30.177
6.6
M
40
ZeroCERT
48584
2024-10-02 14:38
66f55533ca7d6_RDPWInst.exe
c213162c86bb943bcdf91b3df381d2f6
Gen1
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE32
MZP Format
OS Processor Check
VirusTotal
Malware
WriteConsoleW
1.6
M
56
ZeroCERT
48585
2024-10-02 14:38
kixx.js
3094dc3bf3dacc07b7ae62e6cb53e02d
XWorm
Generic Malware
WebCam
Malicious Library
PWS
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
keylogger
12.2
12
ZeroCERT
Total : 49,283cnts