Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
48976
2024-10-18 09:59
net.msi
5375c07cb8e6bedd4c3f26c9509d1562
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
AntiDebug
AntiVM
MSOffice File
CAB
OS Processor Check
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
crashed
3.8
M
26
ZeroCERT
48977
2024-10-18 09:59
reddit.exe
23544090c6d379e3eca7343c4f05d4d2
Malicious Packer
UPX
PE File
PE32
VirusTotal
Malware
unpack itself
DNS
1
147.185.221.23
3.6
M
61
ZeroCERT
48978
2024-10-18 10:01
ywx.exe
4dba58c6e9f435c1cca607525760d0fd
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
AutoRuns
unpack itself
AppData folder
Windows
DNS
1
176.111.174.140 - malware
5.6
M
49
ZeroCERT
48979
2024-10-18 10:01
Swift-Stage1-Obfuscated.exe
0444eb9fbbf0d5ee3718acafd88e0843
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
Checks debugger
3.2
M
51
ZeroCERT
48980
2024-10-18 10:03
taskhostws.exe
b47e4f366b08fe509c2a8f9ee7251f51
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
IP Check
ComputerName
DNS
DDNS
1
checkip.dyndns.org(132.226.8.169)
1
ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org)
4.0
26
ZeroCERT
48981
2024-10-18 10:05
reverse_ctl.exe
51dadf28bb2dfca8bcfdd80a15cfdfe1
Gen1
Generic Malware
Malicious Library
ASPack
UPX
Anti_VM
PE File
PE64
OS Processor Check
DLL
ZIP Format
VirusTotal
Malware
Check memory
Creates executable files
1.4
9
ZeroCERT
48982
2024-10-18 10:06
dtgLBRsUB45qnMm.exe
e27a42a410cc4d6bbbe3c46c457496fa
Generic Malware
Malicious Library
.NET framework(MSIL)
Antivirus
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
IP Check
Windows
ComputerName
DNS
Cryptographic key
DDNS
1
checkip.dyndns.org(132.226.8.169)
1
ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org)
12.2
M
30
ZeroCERT
48983
2024-10-18 10:07
geo.ps1
4eca2fab3cfdec2314fc2fd25cc8f50e
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
WMI
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
2
http://1.255.85.176:8080/Wuck/config.json
http://1.255.85.176:8080/Wuck/s.rar
1
1.255.85.176 - suspicious
9.0
M
19
ZeroCERT
48984
2024-10-18 10:08
RKbqmU7pcsLQXbJ.exe
49ec6066e392759948a86b61eed4b0ea
Generic Malware
Malicious Library
.NET framework(MSIL)
Antivirus
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
IP Check
Windows
ComputerName
DNS
Cryptographic key
DDNS
1
checkip.dyndns.org(193.122.6.168)
1
ET INFO External IP Lookup Domain in DNS Query (checkip .dyndns .org)
10.8
M
23
ZeroCERT
48985
2024-10-18 10:09
paste.ps1
546d10b7c0a8cacd843e1a51014d01ef
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
WMI
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
2
http://112.217.207.130/js/s.rar
http://112.217.207.130/js/config.json
1
112.217.207.130 - mailcious
8.4
M
26
ZeroCERT
48986
2024-10-18 10:09
20230120_2.bin
df090fc9db83229c47d072fca9b3da6b
Generic Malware
Malicious Packer
PE File
PE64
VirusTotal
Malware
1.8
M
49
ZeroCERT
48987
2024-10-18 10:09
mq.ps1
ffa8b5a7aa923abbc6affb068c5435cd
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
WMI
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
2
http://1.255.85.176:8080/Wuck/s.rar
http://1.255.85.176:8080/Wuck/config.json
1
1.255.85.176 - mailcious
9.0
M
29
ZeroCERT
48988
2024-10-18 10:11
demon.x64.exe
806425052861a58f462b8e18b7502ae6
Generic Malware
PE File
PE64
VirusTotal
Malware
unpack itself
1.6
M
47
ZeroCERT
48989
2024-10-18 10:12
swift-bypass-breakpoints.exe
20c633524cd5febea9dc735458b4c382
Generic Malware
PE File
PE64
VirusTotal
Malware
unpack itself
1.4
M
38
ZeroCERT
48990
2024-10-18 10:14
c.scr
861fad99e36fe9b166d47cb3a6c3cd4a
Malicious Library
.NET framework(MSIL)
PE File
.NET EXE
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Windows
DNS
1
103.72.57.120 - mailcious
5.4
33
ZeroCERT
Total : 49,283cnts