No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
49366
2024-11-11 10:01
chromedriver.exe
6ad958806d2e545420aac7cc1fcb8506
Malicious Library
Anti_VM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
WriteConsoleW
ComputerName
DNS
1
139.99.3.47 -
5.0
46
ZeroCERT
49367
2024-11-11 10:02
PhotoBox.docx
8d8718cc95ecf6af196cc0c0eaac9ae2
Hide_EXE
Generic Malware
task schedule
Malicious Library
.NET framework(MSIL)
Antivirus
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
10.0
49
ZeroCERT
49368
2024-11-11 10:02
xKtzvdEoDAjLmvN.exe
9d246f5e01f060fe08c2f15d4e8a58e0
Client SW User Data Stealer
Backdoor
RemcosRAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Downloader
Malicious Library
Antivirus
.NET framework(MSIL)
Create Service
Socket
ScreenShot
Escalate priviledges
PWS
Sniff Audio
DNS
Internet API
VirusTotal
Malware
AutoRuns
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
66.63.162.79 -
13.2
52
ZeroCERT
49369
2024-11-11 10:03
NVIDIA.exe
27e03cf0e06e2536b8bac6914d4c4cb5
Malicious Library
.NET framework(MSIL)
DNS
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Check virtual network interfaces
ComputerName
1
google.com(142.250.196.142) -
10.2
53
ZeroCERT
49370
2024-11-11 10:04
sg.exe
48bc0b9203e4c5e02697426be45ae63a
Generic Malware
Admin Tool (Sysinternals etc ...)
UPX
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
crashed
1
safe.ywxww.net(60.191.236.246) -
2.6
51
ZeroCERT
49371
2024-11-11 10:04
svchost.exe
0983bdf15d86d9a3119e3d04d23eba53
Malicious Library
Malicious Packer
PE File
PE64
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.2
21
ZeroCERT
49372
2024-11-11 10:06
Manger.docx
53eac0d35066ed3fbce4e52ca06fec42
Antivirus
VirusTotal
Malware
RWX flags setting
2.0
26
ZeroCERT
49373
2024-11-11 10:06
lum.exe
1d97c138b9e3c19f4900a6a348240430
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
1.8
52
ZeroCERT
49374
2024-11-11 10:07
document.exe
a92c1499dbcfff3bc5b57853f6219eec
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.4
39
ZeroCERT
49375
2024-11-11 10:08
sgupdate.exe
f60e2ff775cfbf5c3656d3a7a96fff3f
Malicious Library
Admin Tool (Sysinternals etc ...)
UPX
AntiDebug
AntiVM
PE File
PE32
MSOffice File
VirusTotal
Malware
Code Injection
Check memory
RWX flags setting
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
crashed
1
safe.ywxww.net(60.191.236.246) -
5.8
48
ZeroCERT
49376
2024-11-11 10:08
we.exe
d7c40c24060c5d6f38e8dc41e7490778
PE File
PE32
VirusTotal
Malware
WriteConsoleW
1.4
57
ZeroCERT
49377
2024-11-11 10:08
Adobeflash.msi
16a2d0c6e475bc422bf93644bef37e3a
Generic Malware
Malicious Library
MSOffice File
CAB
OS Processor Check
VirusTotal
Malware
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
4
ocsp.digicert.com(152.195.38.76) -
ps.pndsn.com(18.179.18.154) -
crl3.digicert.com(152.195.38.76) -
agent-api.atera.com(20.37.139.187) -
4.2
22
ZeroCERT
49378
2024-11-11 10:10
PO-54752454235.hta
ae1d170677ac0a614ed5d88b943c7635
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
1
185.196.11.151 -
7.0
28
ZeroCERT
49379
2024-11-11 10:11
wbgjn.exe
4c899595ed9f2849d13ebff2e622a506
Admin Tool (Sysinternals etc ...)
UPX
PE File
PE32
VirusTotal
Malware
Creates executable files
RWX flags setting
unpack itself
crashed
1
safe.ywxww.net(60.191.236.246) -
3.0
53
ZeroCERT
49380
2024-11-11 10:13
Lee.exe
a7fcb5ec6dfef33922b57a9fb7251743
Malicious Library
PE File
PE64
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
1
101.133.156.69 -
4.6
63
ZeroCERT
Total : 49,422cnts