Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
49096
2024-10-21 14:36
fortpriv2.exe
7a0a6fd82698a9276141efaca0af7bfa
Generic Malware
Malicious Library
Downloader
UPX
PE File
ftp
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.4
M
33
ZeroCERT
49097
2024-10-21 14:36
file.exe
f7f61ffb8e1f1e272bdf4d326086e760
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
UPX
Antivirus
PE File
PE32
OS Processor Check
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
Windows
ComputerName
Remote Code Execution
Cryptographic key
1
https://osecweb.ir/js/config_20.ps1
1
osecweb.ir(185.79.156.69) - malware
10.0
M
54
ZeroCERT
49098
2024-10-21 14:38
file.exe
fa3f3956695fa1ff108e351a4d75da65
Glupteba
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.6
M
60
ZeroCERT
49099
2024-10-21 14:38
fridayfiledatingmanagerfMPDW-c...
1e74a1e9b214a5e7de05d71bc03849e8
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
Advertising
Google
ComputerName
Cryptographic key
2
https://drive.google.com/uc?export=download&id=17kQITFJZ1tqdqTVyc8JyKCRsAb083F4G
http://fridaylocalmanager.duckdns.org/madamwebbbbbbbbbbb.txt
1
drive.google.com(142.250.76.142) - mailcious
10.0
M
8
ZeroCERT
49100
2024-10-21 14:41
windowshost.exe
5cb4036d3d3ca0763b46b3bdba8c1965
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
63
ZeroCERT
49101
2024-10-21 14:41
67065a0933c9e_UUESUpdater.exe
8a581e21c06dfd34d3b5859983503249
Malicious Library
PE File
.NET EXE
PE32
Lnk Format
GIF Format
VirusTotal
Malware
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
AppData folder
Windows
ComputerName
6.2
M
51
ZeroCERT
49102
2024-10-21 14:42
FirewallLichh.exe
40f68d8b1be0f31f4aaf28dccf2f94cb
Downloader
UPX
PE File
ftp
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.2
M
38
ZeroCERT
49103
2024-10-21 14:42
63e909b3647d.exe
744a21bfdc5743226790594eb481aab6
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
Code Injection
buffers extracted
unpack itself
crashed
6.0
M
ZeroCERT
49104
2024-10-21 14:44
file.exe
47a0d90c01b43ed755d1152ffc3a5068
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.8
M
45
ZeroCERT
49105
2024-10-21 14:47
scbronkz09.dll
c32e01ebaec0c994672b56bfa5410962
Generic Malware
Malicious Library
UPX
PE File
DLL
PE64
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
2.0
M
42
ZeroCERT
49106
2024-10-21 14:49
sample.hta
626bcb3968271f435d45e03c6b730644
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
210.56.13.114 - mailcious
9.2
M
30
ZeroCERT
49107
2024-10-21 14:51
config_20.ps1
348e731842f0996901324f1e39cea721
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
Check virtual network interfaces
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
1
http://217.12.206.79/index.php
1
217.12.206.79
4.2
M
23
ZeroCERT
49108
2024-10-21 14:53
eveningxlsxxxxMPDW-constraints...
356aaed2b986621fc0e592625204ab4a
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
2
https://raw.githubusercontent.com/CryptersAndToolsOficial/ZIP/refs/heads/main/DetahNote_V.jpg
http://mirakleeeman.duckdns.org/madamwebbbbbbase64444.txt
1
raw.githubusercontent.com(185.199.111.133) - malware
6.4
M
12
ZeroCERT
49109
2024-10-21 14:55
d74f5005fa82.exe
7dd36b60a04e627d234e5e85d44cbe63
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
Code Injection
buffers extracted
unpack itself
crashed
7.0
M
ZeroCERT
49110
2024-10-21 14:58
aa.exe
c35b138798d06ef2009300eff2932703
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
60
ZeroCERT
Total : 49,283cnts