Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
6586
2023-12-14 19:32
statem_pdf.exe
55461180284dcdf6ad0f3edaf8d68307
Client SW User Data Stealer
browser
info stealer
Generic Malware
Google
Chrome
User Data
Downloader
Malicious Library
WinRAR
UPX
Http API
PWS
Code injection
Create Service
Socket
DGA
ScreenShot
Escalate priviledges
Steal credential
Sniff Audio
HTTP
DNS
Bi
Browser Info Stealer
VirusTotal
Malware
PDB
Code Injection
Checks debugger
Creates executable files
exploit crash
unpack itself
Check virtual network interfaces
malicious URLs
installed browsers check
Exploit
Browser
Remote Code Execution
DNS
crashed
1
Info
×
66.228.60.47 - malware
9.6
M
38
ZeroCERT
6587
2023-12-14 19:24
Delivery_Info.jar
3fba07cd88c0e3e2ca5de99fa15b4878
Malicious Library
UPX
MSOffice File
ZIP Format
PE32
PE File
DLL
OS Processor Check
JPEG Format
Malware download
NetWireRC
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
RWX flags setting
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
AppData folder
WriteConsoleW
IP Check
Windows
Java
Email
ComputerName
DNS
crashed
1
Keyword trend analysis
×
Info
×
http://ip-api.com/json/
9
Info
×
objects.githubusercontent.com(185.199.110.133) - malware
repo1.maven.org(199.232.196.209)
github.com(20.200.245.247) - mailcious
ip-api.com(208.95.112.1)
185.199.111.133 - mailcious
146.75.92.209
208.95.112.1
108.170.20.66
20.200.245.247 - malware
2
Info
×
ET MALWARE STRRAT CnC Checkin
ET POLICY External IP Lookup ip-api.com
9.0
M
19
ZeroCERT
6588
2023-12-14 19:21
fol3.exe
7e407251c6c0cc328bd4c3bfbe0fc4a4
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.2
M
35
ZeroCERT
6589
2023-12-14 19:21
wai5.exe
f66bfc5ab54885f007da2c63908ff0bf
Malicious Packer
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
3
Info
×
113.52.134.114 - malware
172.67.217.152
66.228.60.47 - malware
4.4
M
22
ZeroCERT
6590
2023-12-14 19:19
ekk4.exe
9cd7218fc8af560875620ce52c7c294d
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.2
M
37
ZeroCERT
6591
2023-12-14 19:16
ekk1.exe
10c118856dd7ca8b8bf9cfbeafaa52e2
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.4
M
46
ZeroCERT
6592
2023-12-14 19:16
zil3.exe
129c9feef30f2b990141cff971e52a0e
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.2
M
34
ZeroCERT
6593
2023-12-14 19:14
agent.exe
ca2de368c8a4930ce09986cd9f9f2280
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
MachineGuid
unpack itself
Tofsee
ComputerName
2
Info
×
cs.lvsehacker.com(104.21.59.67)
172.67.217.152
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.6
M
15
ZeroCERT
6594
2023-12-14 19:14
wai1.exe
c3b81b17438502e889673d6d4090ce4d
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.4
M
41
ZeroCERT
6595
2023-12-14 19:12
wai4.exe
1c4ec8da3de452e22419c95bac53846c
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.2
M
39
ZeroCERT
6596
2023-12-14 19:12
wai3.exe
07eba257f3c68d1effd1704ad3bdf746
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.2
M
35
ZeroCERT
6597
2023-12-14 19:10
ekk3.exe
ef6b878516a8dbc3593a44e6c1d3d14c
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
1
Info
×
113.52.134.114 - malware
4.2
M
38
ZeroCERT
6598
2023-12-14 19:09
Symbloa.dll
e55eb7a2b596ee04a0789a06b7d55db8
PE File
DLL
PE64
VirusTotal
Malware
Checks debugger
unpack itself
1.4
M
21
ZeroCERT
6599
2023-12-14 19:07
fol5.exe
220427ccd450638df243193a8ba34f23
Malicious Packer
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
Check virtual network interfaces
DNS
2
Info
×
113.52.134.114 - malware
66.228.60.47 - malware
4.0
M
23
ZeroCERT
6600
2023-12-14 19:07
ekk2.exe
dc641ffeec47fc349d52339107b98dc5
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
buffers extracted
RWX flags setting
sandbox evasion
2.8
M
40
ZeroCERT
First
Previous
431
432
433
434
435
436
437
438
439
440
Next
Last
Total : 48,289cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword