Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
5956
2021-03-15 16:28
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
1.0
guest
5957
2021-03-15 16:30
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
DNS
1.6
guest
5958
2021-03-15 16:32
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
1.0
guest
5959
2021-03-15 17:01
winlog2.exe
d06fb902ada1dcc76a186526c8db519b
Generic Malware
Browser Info Stealer
LokiBot
Malware download
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
MachineGuid
Malicious Traffic
Check memory
Creates executable files
AppData folder
malicious URLs
sandbox evasion
installed browsers check
Browser
Email
ComputerName
Software
1
http://seafirst-kr.com/zoro/zoro5/fre.php
2
seafirst-kr.com(52.6.206.192) -
52.6.206.192 -
4
ET MALWARE LokiBot User-Agent (Charon/Inferno)
ET MALWARE LokiBot Checkin
ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1
ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2
8.8
44
guest
5960
2021-03-15 17:06
winlog.exe
604ae68dcc412a404f572bd7683b5030
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
malicious URLs
sandbox evasion
ComputerName
crashed
6.0
44
ZeroCERT
5961
2021-03-15 17:15
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
1.0
guest
5962
2021-03-15 17:20
4.exe
21f05e1cb9b7d6246d29e2588b27bd7f
Generic Malware
VirusTotal
Malware
unpack itself
Remote Code Execution
2.8
36
ZeroCERT
5963
2021-03-15 17:20
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
DNS
1.6
guest
5964
2021-03-15 17:22
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
malicious URLs
1.4
guest
5965
2021-03-15 17:35
Cuckoo_AI.txt
1dc6a2a22b299d80df8826ce6051260e
Check memory
unpack itself
1.0
guest
5966
2021-03-15 17:39
razi.exe
fcf267c5a024af4a880c33317eaa5432
Azorult
.NET framework
AsyncRAT
backdoor
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
9.0
21
guest
5967
2021-03-15 18:26
6.exe
dc3da51556a8f20e2273b1c87c953ff7
Generic Malware
VirusTotal
Malware
unpack itself
Remote Code Execution
2.2
24
guest
5968
2021-03-16 10:55
Newtroop225.exe
08709f9689c1f83f421dc0d4de3fec36
email
stealer
browser
info stealer
Generic Malware
VirusTotal
Malware
unpack itself
Remote Code Execution
3.0
42
ZeroCERT
5969
2021-03-16 11:03
Newptad472.exe
521d7d73831f2a5ef620407e3be9212b
email
stealer
browser
info stealer
Generic Malware
VirusTotal
Malware
unpack itself
2.4
28
ZeroCERT
5970
2021-03-16 11:27
winlog.exe
604ae68dcc412a404f572bd7683b5030
ftp Client
info stealer
email
stealer
Win
Trojan
agentTesla
browser
Google
Chrome
User Data
Generic Malware
Download management
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
malicious URLs
sandbox evasion
Ransomware
Tor
ComputerName
crashed
7.2
49
r0d
Total : 48,320cnts