Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
6481
2023-12-22 08:27
ma.exe
4737e1a615b8b7d377586394589844d4
PE File
PE64
.NET EXE
unpack itself
Windows
Remote Code Execution
crashed
2.0
M
ZeroCERT
6482
2023-12-22 08:25
cp.exe
8fc868f86ee50172a6135d3a58d3495f
Downloader
Malicious Library
VMProtect
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE32
PE File
AutoRuns
Code Injection
Check memory
Creates executable files
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Remote Code Execution
5.4
M
ZeroCERT
6483
2023-12-22 08:24
crypted.exe
42464d83d6f8b2ce1a88cf6c7c721c09
RedLine stealer
Malicious Library
Admin Tool (Sysinternals etc ...)
UPX
ScreenShot
PWS
AntiDebug
AntiVM
PE32
PE File
OS Processor Check
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
crashed
1
Info
×
194.26.192.132
8.6
M
ZeroCERT
6484
2023-12-22 08:22
v1220-55000.exe
04f93f610df4d1c941ec7f64679e3039
.NET framework(MSIL)
UPX
Malicious Library
ScreenShot
AntiDebug
AntiVM
PE32
PE File
.NET EXE
DLL
OS Processor Check
Buffer PE
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
Windows
Cryptographic key
crashed
8.2
ZeroCERT
6485
2023-12-22 08:22
Wzslollihv.exe
1a9c1d237843ca776d5d1d2ef84fb493
Hide_EXE
UPX
PE File
PE64
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.2
M
39
ZeroCERT
6486
2023-12-22 08:20
Minodeka.exe
eb591336a1a8c61faf248e784166a19a
Malicious Library
PE32
PE File
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.4
56
ZeroCERT
6487
2023-12-22 08:20
setup294.exe
391487909449a0c19ea2a2ae599c8731
Malicious Library
AntiDebug
AntiVM
PE32
PE File
DLL
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
3.6
M
ZeroCERT
6488
2023-12-22 08:18
againn.exe
24d81523b3033dddc3bf6526d86f819d
Malicious Library
Malicious Packer
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
Info
×
45.15.156.2 - mailcious
5.0
M
56
ZeroCERT
6489
2023-12-22 08:17
frreebeeie.exe
2c8bf6e42f2195c8256d91f5007a1219
PE File
PE64
VirusTotal
Malware
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
DNS
1
Keyword trend analysis
×
Info
×
http://185.196.8.248/panel/uploads/Kflflije.wav
1
Info
×
185.196.8.248 - malware
4.2
M
40
ZeroCERT
6490
2023-12-22 08:16
build_2023-12-19_21-29.exe
19c47b81c5a0b6c2791c0ff91e21e87a
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
unpack itself
Windows
DNS
crashed
1
Info
×
34.117.186.192
3.6
M
55
ZeroCERT
6491
2023-12-22 08:15
sl.exe
a6f1e6b5775a94219b69a6261b36244a
Malicious Library
Downloader
Admin Tool (Sysinternals etc ...)
UPX
PE32
PE File
Malware download
VirusTotal
Malware
AutoRuns
Malicious Traffic
Windows
DNS
Downloader
2
Keyword trend analysis
×
Info
×
http://193.3.19.247/Installed
http://193.3.19.247/pl.exe
1
Info
×
193.3.19.247 - malware
2
Info
×
ET INFO Executable Download from dotted-quad Host
ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
4.2
M
50
ZeroCERT
6492
2023-12-22 08:13
adobe.exe
a056c3e2e3334be82cc40e2af20ef67b
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE32
PE File
MZP Format
DLL
OS Processor Check
PE64
DllRegisterServer
dll
wget
ZIP Format
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
ComputerName
crashed
2.6
ZeroCERT
6493
2023-12-22 08:13
build2.exe
e23c839edb489081120befe1e44b04db
Client SW User Data Stealer
LokiBot
ftp Client
info stealer
Malicious Library
UPX
Http API
PWS
Code injection
AntiDebug
AntiVM
PE32
PE File
OS Processor Check
VirusTotal
Malware
Telegram
PDB
MachineGuid
Code Injection
Malicious Traffic
Checks debugger
buffers extracted
WMI
unpack itself
malicious URLs
Tofsee
ComputerName
Remote Code Execution
DNS
crashed
1
Keyword trend analysis
×
Info
×
https://steamcommunity.com/profiles/76561199583900422
5
Info
×
t.me(149.154.167.99) - mailcious
steamcommunity.com(104.76.78.101) - mailcious
149.154.167.99 - mailcious
104.76.78.101 - mailcious
95.216.178.71
3
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
ET INFO Observed Telegram Domain (t .me in TLS SNI)
11.0
58
ZeroCERT
6494
2023-12-22 08:13
brg.exe
dff334fa8d2c701dba4139875f14c9ff
Malicious Library
VMProtect
UPX
PE32
PE File
VirusTotal
Malware
unpack itself
Remote Code Execution
DNS
2
Info
×
94.103.94.153
121.254.136.18
3.4
21
ZeroCERT
6495
2023-12-22 08:11
ww.exe
ca582fafbbb257ccf1bf91dac47fcf4f
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.2
32
ZeroCERT
First
Previous
431
432
433
434
435
436
437
438
439
440
Next
Last
Total : 48,302cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword