Submissions
No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
48676
2024-10-07 11:10
seethedomaindskilltechnologywh...
5ead5713e1263695bff52404264dd3b4
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
Urls (1):
http://91.134.96.177/80/picturewithherimagesverygoodforyourheart.tIF
Hosts (3):
raw.githubusercontent.com(185.199.110.133) - malware
91.134.96.177 - malicious
185.199.108.133 - malicious
IDS (1):
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
38
ZeroCERT
48677
2024-10-07 11:12
seethebestthingswithnewcreated...
cdad1cbda2a0cc1260fb09a0585b287c
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
Urls (1):
http://104.168.32.125/333/picturewithgreatwithnewthingsgreat.tIF
Hosts (3):
raw.githubusercontent.com(185.199.110.133) - malware
104.168.32.125 - malicious
185.199.108.133 - malicious
IDS (1):
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
34
ZeroCERT
48678
2024-10-07 11:13
Trial.bat
70e5b95cb445165b4cded860aaf20aca
Generic Malware
Downloader
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
Hide_URL
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
Hosts (1):
89.197.154.116 - malicious
7.2
19
ZeroCERT
48679
2024-10-07 11:16
netbooknewthingsforupdnow.hta
25a0a6e379daa9cb5c68307fbf0857ea
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
Urls (1):
http://172.245.123.9/240/taskhostw.exe
Hosts (1):
172.245.123.9 - malicious
IDS (3):
ET INFO Executable Download from dotted-quad Host
ET POLICY PE EXE or DLL Windows file download HTTP
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
12.2
M
28
ZeroCERT
48680
2024-10-07 11:16
IEnetbookhtmlcookies.hta
5b8b550bf3259d1d7ce43fc607808952
Generic Malware
Downloader
Antivirus
AntiDebug
AntiVM
PowerShell
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
DNS
Cryptographic key
Urls (1):
http://107.172.130.147/600/cleanbabanapicturecombopack.tIF
Hosts (1):
107.172.130.147 - malicious
11.6
M
26
ZeroCERT
48681
2024-10-07 11:16
niceworkingpcitureupdation.hta
c8148c056339bcc3a3f5c2c2938f607b
Generic Malware
Downloader
Antivirus
AntiDebug
AntiVM
PowerShell
PE File
DLL
PE32
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
Creates executable files
RWX flags setting
exploit crash
unpack itself
Windows utilities
suspicious process
AppData folder
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
Urls (1):
http://107.172.148.201/96/nicepicturewithgreatpictureofmfa.tIF
Hosts (1):
107.172.148.201 - malicious
11.0
M
24
ZeroCERT
48682
2024-10-07 20:51
DNV_Laboratorios.exe
4f972e64af3de8ce363637832e209d4d
Emotet
Malicious Library
Admin Tool (Sysinternals etc ...)
PE File
PE64
MachineGuid
Check memory
Checks debugger
unpack itself
ComputerName
1.6
guest
48683
2024-10-07 21:11
DNV_Laboratorios.exe
4f972e64af3de8ce363637832e209d4d
Emotet
Malicious Library
Admin Tool (Sysinternals etc ...)
PE File
PE64
MachineGuid
Check memory
Checks debugger
unpack itself
ComputerName
1.6
guest
48684
2024-10-08 09:34
lomo.exe
534b54ca8359b01ad59c2dc7c4dc51fa
Gen1
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Remote Code Execution
1.0
11
ZeroCERT
48685
2024-10-08 09:34
a43486128347.exe
74b9d44ebc552df2575ff67289857e83
Gen1
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
Code Injection
buffers extracted
unpack itself
crashed
5.8
ZeroCERT
48686
2024-10-08 09:35
finelib.exe
5453881a8df30cf96b1a2ffa8cb393a4
Generic Malware
Confuser .NET
Antivirus
PE File
.NET EXE
PE32
PE64
VirusTotal
Cryptocurrency Miner
Malware
Cryptocurrency
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
DNS
Cryptographic key
CoinMiner
Hosts (2):
pool.hashvault.pro(125.253.92.50) - malicious
131.153.76.130 - malicious
IDS (2):
ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)
ET POLICY Cryptocurrency Miner Checkin
4.6
M
43
ZeroCERT
48687
2024-10-08 09:37
vclib.exe
d0c2dd0e059c5011ed2eee4c65122177
PE File
PE64
VirusTotal
Cryptocurrency Miner
Malware
Cryptocurrency
unpack itself
DNS
CoinMiner
Hosts (3):
pool.hashvault.pro(125.253.92.50) - malicious
125.253.92.50 - malicious
131.153.76.130 - malicious
IDS (2):
ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)
ET POLICY Cryptocurrency Miner Checkin
2.0
M
47
ZeroCERT
48688
2024-10-08 09:37
ScreenUpdateSync.exe
e35c6ad41081ddcda2ba9c65b5b1a6f8
Malicious Library
UPX
PE File
PE32
OS Processor Check
unpack itself
1.0
ZeroCERT
48689
2024-10-08 21:40
vclib.exe
d0c2dd0e059c5011ed2eee4c65122177
Generic Malware
PE File
PE64
VirusTotal
Malware
unpack itself
2.0
M
47
r0d
48690
2024-10-08 21:40
ScreenUpdateSync.exe
e35c6ad41081ddcda2ba9c65b5b1a6f8
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
1.8
M
27
r0d
Total : 49,283cnts