No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
5626
2024-09-19 09:40
main.exe
2cd03a08efea2cffdd6ba16757a8800a
Malicious Library
PE File
PE64
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
1
101.34.79.123
5.2
M
61
ZeroCERT
5627
2024-09-19 09:39
random.exe
a71fec0e25fa74c137793c874ee77c4e
RedLine stealer
Generic Malware
Malicious Library
UPX
Code injection
Anti_VM
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
VirusTotal
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
RWX flags setting
exploit crash
unpack itself
malicious URLs
installed browsers check
Ransomware
Exploit
Browser
crashed
9.6
M
41
ZeroCERT
5628
2024-09-19 09:39
kin.exe
2eac5118a040a13e0207693aabfe88fe
AgentTesla
Malicious Library
Malicious Packer
UPX
PE File
OS Memory Check
.NET EXE
PE32
OS Name Check
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
IP Check
Windows
Browser
Email
ComputerName
DNS
Software
crashed
keylogger
1
http://ip-api.com/line/?fields=hosting
2
ip-api.com(208.95.112.1)
208.95.112.1
2
ET INFO External IP Lookup Domain in DNS Lookup (ip-api .com)
ET POLICY External IP Lookup ip-api.com
7.8
M
57
ZeroCERT
5629
2024-09-19 09:38
66e80492300c8_cry.exe
fef7cb7c3bd0e8204e3e7fecc544e6e6
RedLine Infostealer
UltraVNC
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
Malware download
VirusTotal
Malware
PDB
Stealer
DNS
1
89.105.223.249 - mailcious
1
ET MALWARE [ANY.RUN] MetaStealer v.5 CnC Activity (MC-NMF TLS SNI)
2.4
M
57
ZeroCERT
5630
2024-09-19 09:36
gefox.exe
ee42c29675d7fc861464f7265f55e42f
Emotet
Gen1
Malicious Library
UPX
PE File
PE32
MZP Format
PE64
OS Processor Check
DLL
VirusTotal
Malware
Checks debugger
Creates executable files
unpack itself
AppData folder
3.4
M
40
ZeroCERT
5631
2024-09-19 09:35
Quote_90614201_2024-10-16.pdf
b5796526f9522c44439fd5c5370edd64
PDF
unpack itself
Windows utilities
Windows
1.4
guest
5632
2024-09-17 14:35
setup2.exe
049ffcac0769d5d449839aae7853aaf2
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.0
M
35
ZeroCERT
5633
2024-09-17 14:34
66e5f96b41510_GageEpa.exe#111u...
43044a8822f069feddd9c02fe36d8517
Generic Malware
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
malicious URLs
sandbox evasion
WriteConsoleW
Windows
ComputerName
7.4
M
30
ZeroCERT
5634
2024-09-17 14:34
ueu7.exe
3f96ae0cd28b2a63dee0fdcd2105d8a2
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
ComputerName
2.4
M
57
ZeroCERT
5635
2024-09-17 14:31
Ghost_0x000263826B9A9B91.exe
11df28c910c9d9127a7e7054e9cadf1f
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
1.4
M
43
ZeroCERT
5636
2024-09-17 14:30
66c62b70f281e_tz4j.exe
9fb83bee6ff97065c498f48fc094f848
HermeticWiper
PhysicalDrive
Generic Malware
Malicious Library
Malicious Packer
Antivirus
UPX
PE File
ftp
PE64
OS Processor Check
VirusTotal
Malware
PDB
Creates executable files
unpack itself
ComputerName
crashed
4.2
M
49
ZeroCERT
5637
2024-09-17 14:29
Client_protected.exe
19574d1c471ceaa99d0d05321e7beba4
Generic Malware
UPX
Anti_VM
PE File
.NET EXE
PE32
VirusTotal
Malware
1.8
M
58
ZeroCERT
5638
2024-09-17 14:27
install_lodop32.exe
cee0d7092ec83373078d0045a0c74c40
PE File
PE32
MZP Format
DLL
DllRegisterServer
dll
Browser Info Stealer
VirusTotal
Malware
Creates executable files
unpack itself
sandbox evasion
Browser
RCE
DNS
crashed
1
5.181.86.244
6.0
M
21
ZeroCERT
5639
2024-09-17 14:26
hq8.exe
0c4ae706774936caeee5ac840f184717
UPX
PE File
PE32
VirusTotal
Malware
1.2
M
58
ZeroCERT
5640
2024-09-17 14:26
66df1acad4359_res_out.exe
bee899073ade70f17b353c7f1f9e2748
Emotet
Generic Malware
Malicious Library
Malicious Packer
Antivirus
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
Buffer PE
AutoRuns
PDB
Code Injection
Malicious Traffic
buffers extracted
Creates executable files
unpack itself
Windows
DNS
3
http://5.181.86.244/aXfj40bOe4/Plugins/clip64.dll
http://5.181.86.244/aXfj40bOe4/Plugins/cred64.dll
http://5.181.86.244/aXfj40bOe4/index.php
1
5.181.86.244
3
ET INFO Dotted Quad Host DLL Request
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
8.8
M
46
ZeroCERT
Total : 53,742cnts