No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
49336
2024-11-08 17:15
SharpHound.exe
3fc3c623c7c16eeb01dff0cf07c6b732
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
PDB
MachineGuid
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.8
37
ZeroCERT
49337
2024-11-08 17:17
CollosalLoader.exe
9a1361570008e75a9a8c6c93b8ea9a68
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
56
ZeroCERT
49338
2024-11-08 17:18
ngrok.exe
7a3c5b70ffdb7399dc9386ea6511c0a9
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
1.2
20
ZeroCERT
49339
2024-11-08 17:20
cred64.dll
f94a052d95dc5764215142f9b90ad7b9
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE64
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
Cryptocurrency wallets
Cryptocurrency
PDB
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
Software
1
93.123.109.4
9.6
55
ZeroCERT
49340
2024-11-08 17:20
PowerView.ps1
bd51895ec50ad13a5a74ac8f5c92021b
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
Windows
Cryptographic key
1.8
36
ZeroCERT
49341
2024-11-08 17:23
locker.exe
a44a69112351292c14e58a30ad3fa790
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
WMI
ComputerName
2.2
51
ZeroCERT
49342
2024-11-11 09:32
api-ms-win-core-util-l1-1-0.dl...
13f00f212e8f474f1884a867aae7397b
UPX
PE File
DLL
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.2
30
ZeroCERT
49343
2024-11-11 09:33
kldrgawdtjawd.exe
c7b0cb9208e2b95e4feb6b741ff1d84c
Malicious Library
Malicious Packer
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
Browser Info Stealer
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
IP Check
Windows
Browser
ComputerName
DNS
Cryptographic key
2
ip-api.com(208.95.112.1) -
91.214.78.58 -
1
ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com)
6.4
51
ZeroCERT
49344
2024-11-11 09:34
shazam.exe
21c436316db8b145075304cc7f29b9c8
Malicious Library
UPX
PE File
PE64
MZP Format
OS Processor Check
VirusTotal
Malware
unpack itself
1.8
7
ZeroCERT
49345
2024-11-11 09:36
yaml-payload.jar
a37d31a4fd0e88f3e441d6c1c91e9189
ZIP Format
VirusTotal
Malware
Check memory
heapspray
unpack itself
Java
2.0
7
ZeroCERT
49346
2024-11-11 09:36
dccuac.ps1
33cf935daecc1036651e586728eb87bb
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
1.4
27
ZeroCERT
49347
2024-11-11 09:40
mysql.bat
3160d4dc332d3fc0d1be76878455fb2e
Generic Malware
Downloader
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
101.133.156.69 -
10.0
16
ZeroCERT
49348
2024-11-11 09:42
crypted.exe
e1d09be68de1be491cdb2870bfc90854
Generic Malware
Malicious Library
UPX
ScreenShot
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
Code Injection
buffers extracted
unpack itself
WriteConsoleW
crashed
7.4
43
ZeroCERT
49349
2024-11-11 09:42
248364651.exe
438eefa86b9547c34689ed220758785a
njRAT
backdoor
Generic Malware
Malicious Library
Antivirus
UPX
PE File
MSOffice File
CAB
PE32
OS Name Check
OS Processor Check
DLL
VirusTotal
Malware
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
Remote Code Execution
Cryptographic key
1
fnback9636.site(37.221.65.128) -
5.4
22
ZeroCERT
49350
2024-11-11 09:42
chrone.exe
ce3a6f4d1ebe823841187d30e9f143ab
Themida
Generic Malware
PE File
PE64
VirusTotal
Malware
crashed
1.8
36
ZeroCERT
Total : 49,394cnts