Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
48961
2024-10-17 14:43
Updater.exe
2d2087b08aeb06edfb294db590374dce
Antivirus
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
1.2
M
49
ZeroCERT
48962
2024-10-17 14:47
sosi_biby.exe
e11aa2c789dfd4b10e77090c4c3e448f
njRAT
backdoor
Generic Malware
PE File
.NET EXE
PE32
VirusTotal
Malware
WriteConsoleW
DNS
3
6.tcp.eu.ngrok.io(3.69.115.178) - malicious
3.69.157.220 - malicious
3.68.171.119
1
ET INFO DNS Query to a *.ngrok domain (ngrok.io)
3.0
M
65
ZeroCERT
48963
2024-10-17 14:47
nojeira.exe
47713554f0dcd00ab2c69ca3fea53d3c
njRAT
backdoor
PE File
.NET EXE
PE32
VirusTotal
Malware
WriteConsoleW
DNS
DDNS
2
troia23.ddns.net(20.206.240.170)
20.206.240.170
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
2.8
M
62
ZeroCERT
48964
2024-10-17 14:49
ths.exe
ba408b58a175ef6d87b002e80dd334c6
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
63
ZeroCERT
48965
2024-10-17 14:56
7z.exe
6abaab6c3d6b1446b67325bcd14d11d4
njRAT
backdoor
Generic Malware
PE File
.NET EXE
PE32
Malware download
njRAT
VirusTotal
Malware
WriteConsoleW
DNS
3
0.tcp.eu.ngrok.io(3.74.27.83)
18.153.198.123
3.78.28.71
3
ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
ET INFO Possible Host Profile Exfiltration In Pipe Delimited Format
ET INFO DNS Query to a *.ngrok domain (ngrok.io)
2.4
M
64
ZeroCERT
48966
2024-10-17 14:57
Client-built.exe
d0495cda14e3be72f2b0d44748d31d52
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
57
ZeroCERT
48967
2024-10-17 14:58
crmdashboard.exe
563885497a6ff9f1a02361e43c16bd76
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
DNS
1
3.78.28.71
2.6
M
61
ZeroCERT
48968
2024-10-17 14:59
AppReseter_forOutlooker.exe
4c4200cdf2e58dee2b4db5200c231468
RedLine Infostealer
UltraVNC
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
crashed
4.4
M
43
ZeroCERT
48969
2024-10-17 16:44
ChromePass.exe
a892c43b0cf244f070f97fafdb224cf4
Generic Malware
Malicious Library
UPX
PE File
PE32
Browser Info Stealer
VirusTotal
Malware
PDB
Browser
Remote Code Execution
2.0
M
51
ZeroCERT
48970
2024-10-17 16:46
b.ps1
633e79b5e535ec56f58696658967b9d3
Generic Malware
Antivirus
Check memory
unpack itself
Check virtual network interfaces
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
http://157.173.104.153/up/index.php
1
157.173.104.153 - malware
4.8
M
ZeroCERT
48971
2024-10-17 16:48
bd.ps1
2ab24d76a4372ba60974d6661e8d0325
Generic Malware
Antivirus
Lnk Format
GIF Format
VirusTotal
Malware
powershell
AutoRuns
MachineGuid
Check memory
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
Check virtual network interfaces
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
2
http://157.173.104.153/up/get-command.php
http://157.173.104.153/up/b.ps1
1
157.173.104.153 - malware
6.6
M
10
ZeroCERT
48972
2024-10-17 16:51
bb.ps1
094bc518d9adb0f72eee6c727ec1cef7
Generic Malware
Antivirus
Lnk Format
GIF Format
VirusTotal
Malware
powershell
AutoRuns
MachineGuid
Check memory
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
Check virtual network interfaces
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
3
http://157.173.104.153/up/bb.ps1
http://157.173.104.153/up/b.ps1
http://157.173.104.153/up/get-command.php
1
157.173.104.153 - malware
5.8
M
9
ZeroCERT
48973
2024-10-18 09:25
Bank Payment Confirmation Orde...
44e1f98dde09e0525d219f374608325a
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
IP Check
ComputerName
DNS
DDNS
1
checkip.dyndns.org(193.122.130.0)
1
ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org)
4.4
41
ZeroCERT
48974
2024-10-18 09:56
THURSDAYYYYMPDW-constraints.vb...
f9c4326981028f9a6d08d989cea0b877
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
raw.githubusercontent.com(185.199.108.133) - malware
6.2
9
ZeroCERT
48975
2024-10-18 09:57
EGwnUqNrVeLFNPw.exe
6ed4c16533ca8aa8fff3708e4b5d321b
Generic Malware
Malicious Library
.NET framework(MSIL)
Antivirus
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
IP Check
Windows
ComputerName
DNS
Cryptographic key
DDNS
1
checkip.dyndns.org(193.122.130.0)
1
ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org)
11.2
M
33
ZeroCERT
Total : 49,283cnts