Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
5626
2021-03-05 09:13
Purchase Order# 6101965.exe
128f0f7cad5b48208a4a775af7739266
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
12.0
14
ZeroCERT
5627
2021-03-05 09:33
Incoming Doc.exe
56a2c4a414e5116e190be46f1d1cc9f6
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
11.0
24
ZeroCERT
5628
2021-03-05 09:34
INVOICE_Sign.exe
f44a32dbe2279c4b3e2cb57e9d162e88
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
13.8
30
ZeroCERT
5629
2021-03-05 10:03
dontTouch.exe
818a64d619f6bbdbc4d68ff7411b6418
VirusTotal
Malware
Check memory
malicious URLs
DNS
1
35.161.124.173 - mailcious
2.8
55
r0d
5630
2021-03-05 10:05
Invoice Paid.exe
0159a6d4e79046b3404946e47b374d51
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
ComputerName
DNS
Cryptographic key
crashed
2
http://192.168.56.103:5357/da8ea474-550f-433d-b444-54d2081d1d24/
http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f
11.8
33
ZeroCERT
5631
2021-03-05 10:05
Kifizetett számlák.exe
0159a6d4e79046b3404946e47b374d51
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
malicious URLs
Windows
ComputerName
Cryptographic key
2
http://192.168.56.103:5357/da8ea474-550f-433d-b444-54d2081d1d24/
http://192.168.56.103:2869/upnphost/udhisapi.dll?content=uuid:2d284ad3-5648-4376-8360-b0559e35418f
3.8
33
ZeroCERT
5632
2021-03-05 10:31
New Order303221.exe
31023a98104460094e4db31d9669160b
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
5.0
19
ZeroCERT
5633
2021-03-05 10:31
PAG0.exe
def67ee23525a2987e9fd53eab1cc04c
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
DNS
9.2
22
ZeroCERT
5634
2021-03-05 10:39
PGHTQ - PURCHASE ORDER #F925.p...
ac2220ce5a8171f3c29f27b5fc8b6386
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Ransomware
Windows
Tor
ComputerName
Cryptographic key
11.8
36
ZeroCERT
5635
2021-03-05 10:39
Payment invoice_33021.exe
31023a98104460094e4db31d9669160b
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
6.2
19
ZeroCERT
5636
2021-03-05 11:24
Purchase Order# 6101965.exe
128f0f7cad5b48208a4a775af7739266
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
11.6
27
ZeroCERT
5637
2021-03-05 11:25
Quotation.exe
539a33b007d933edf4ff682250e7e93d
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
5.6
13
ZeroCERT
5638
2021-03-05 11:29
SHIPPING BILL COPY.exe
35d1d7df509d9ab6fc0d937667d67cc2
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
human activity check
Windows
ComputerName
DNS
DDNS
2
mansengco778.ddns.net(79.134.225.21)
79.134.225.21
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
15.2
15
ZeroCERT
5639
2021-03-05 11:29
remote.dotm
e2b322ed2a62e9bd4c1bfcdb2b37b9b7
VirusTotal
Malware
Code Injection
unpack itself
DNS
2
resources.healthmade.org(18.188.224.193) - mailcious
18.188.224.193 - mailcious
6.6
M
30
ZeroCERT
5640
2021-03-05 11:37
sbw_jscript.xlsm
4a0c41bbcf0808d99b6ac38bee9387fa
VirusTotal
Malware
unpack itself
2
docs.healthmade.org(18.221.177.35) - malware
18.221.177.35 - malware
2.8
M
18
ZeroCERT
Total : 48,345cnts