Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
6061
2021-03-17 16:41
1234.xlsx
8e8421aa37f5016fdadf7a5e8cb1aa24
unpack itself
1.2
guest
6062
2021-03-17 16:44
win32.exe
17e61b65fec953907f49f99f757dd4ac
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
malicious URLs
2.8
M
10
guest
6063
2021-03-17 16:45
putty.exe
6fa14b3b1c54a26f0b9bbcd2f6b45899
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
malicious URLs
Remote Code Execution
2.8
M
1
guest
6064
2021-03-17 16:46
test.doc
08868145d5d7e0cf46eb6eb749569121
unpack itself
1.2
guest
6065
2021-03-17 16:47
test.html
1e4afb756fe35ed1998103207ffb6758
Code Injection
RWX flags setting
unpack itself
Windows utilities
Windows
2.2
guest
6066
2021-03-17 16:48
test.pdf
6f1da2d9ab4434ade3574364d5d0a993
guest
6067
2021-03-17 16:48
test.hwp
9ffb9819a6430c4c093ee8e6edac765e
Checks debugger
Creates shortcut
Creates executable files
unpack itself
1.8
guest
6068
2021-03-17 16:49
test.docx
9c1e2916ddbf175ff21e20964d91a30e
unpack itself
1.2
guest
6069
2021-03-17 16:50
test.zip
2b6b30ed1924b00d2033d41e097cf6b7
guest
6070
2021-03-17 16:54
test.txt
d41d8cd98f00b204e9800998ecf8427e
Check memory
unpack itself
1.0
guest
6071
2021-03-17 16:56
test.txt
098f6bcd4621d373cade4e832627b4f6
Check memory
unpack itself
1.0
guest
6072
2021-03-17 17:06
PO_2173_Scanned_13.pdf
0cb0ce99b82727b4701d9aeab2aa4451
ftp Client
info stealer
email
stealer
Win
Trojan
agentTesla
browser
Antivirus
Google
Chrome
User Data
AsyncRAT
backdoor
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
powershell
Buffer PE
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
powershell.exe wrote
Check virtual network interfaces
suspicious process
malicious URLs
IP Check
Tofsee
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
Software
crashed
2
Keyword trend analysis
×
Info
×
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
Info
×
freegeoip.app(104.21.19.200)
checkip.dyndns.org(131.186.113.70)
216.146.43.71
104.21.19.200
4
Info
×
ET INFO DYNAMIC_DNS Query to *.dyndns. Domain
ET POLICY External IP Lookup - checkip.dyndns.org
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET POLICY DynDNS CheckIp External IP Address Server Response
16.4
M
56
guest
6073
2021-03-17 17:33
WJU.exe
759104370561b12f07fea800546ab47d
Malicious Packer
Generic Malware
VirusTotal
Malware
RWX flags setting
unpack itself
DNS
2.4
M
12
ZeroCERT
6074
2021-03-17 17:43
putty.exe
6fa14b3b1c54a26f0b9bbcd2f6b45899
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Remote Code Execution
2.0
M
1
guest
6075
2021-03-17 17:44
XCV.exe
8d2ee34543afa9e564d264108c723b99
Malicious Packer
Generic Malware
VirusTotal
Malware
RWX flags setting
unpack itself
DNS
2.2
M
26
ZeroCERT
First
Previous
401
402
403
404
405
406
407
408
409
410
Next
Last
Total : 48,320cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
