Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
6706
2023-12-11 19:22
Application.exe
dc9d29d62659c29eb6edd2295ad0c4ce
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Email Client Info Stealer
Malware
Malicious Traffic
WMI
Checks Bios
anti-virtualization
Email
ComputerName
DNS
1
http://91.92.247.96/zhark/api.php?id=f79767bea410708a229488fa01b3db96&us=test22&mn=TEST22-PC&os=Windows%207%20Professional%20N&bld=1.0.3B
3
91.92.247.123 - malware
91.92.247.96 - malware
91.92.247.161 - malicious
6.2
M
28
ZeroCERT
6707
2023-12-11 19:21
DLL%20Injector%20Resou%E2%80%A...
b6d15bc82d811c30d7e9633402bee9c2
Malicious Packer
PE File
PE64
VirusTotal
Malware
MachineGuid
Check virtual network interfaces
Tofsee
crashed
DoTNet
1
http://apps.identrust.com/roots/dstrootcax3.p7c
3
textbin.net(148.72.177.212) - malicious
121.254.136.9
148.72.177.212 - malicious
2
ET INFO Pastebin-style Service (textbin .net in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
M
42
ZeroCERT
6708
2023-12-11 19:20
cred64.dll
b5cdfc4ca11aa7705c605fd93538a310
Malicious Library
UPX
PE File
DLL
PE64
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
PDB
MachineGuid
Malicious Traffic
Checks debugger
unpack itself
Windows utilities
sandbox evasion
installed browsers check
Windows
Browser
DNS
Software
1
http://185.172.128.5/v8sjh3hs8/index.php
1
185.172.128.5 - malware
7.4
M
47
ZeroCERT
6709
2023-12-11 19:18
Controlbackup.exe
294deb3dae4f4f961bf3888733b20ef5
Emotet
Gen1
Generic Malware
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
Check memory
unpack itself
ComputerName
Remote Code Execution
2.2
M
17
ZeroCERT
6710
2023-12-11 19:18
notepad.exe
1b89434edfa3a2a42b84a396ce4cb4b1
Generic Malware
Malicious Library
Malicious Packer
Admin Tool (Sysinternals etc ...)
Antivirus
UPX
PE File
PE64
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
3.6
M
9
ZeroCERT
6711
2023-12-11 19:17
tuc4.exe
269b9baebbde670b904d009f61854799
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE32
PE File
MZP Format
DLL
OS Processor Check
DllRegisterServer
dll
PE64
wget
ZIP Format
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
crashed
4.2
M
ZeroCERT
6712
2023-12-11 19:16
bloodefficiency.exe
6d7108103907bff106aa0ada254e52b2
.NET framework(MSIL)
PE32
PE File
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
DNS
1
185.216.13.58 - malicious
4.4
M
50
ZeroCERT
6713
2023-12-11 19:16
Gdbpyzcldrr.exe
ab0443c4b5ae89cd913377183852ecb3
Hide_EXE
.NET framework(MSIL)
AntiDebug
AntiVM
PE File
PE64
.NET EXE
VirusTotal
Malware
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Cryptographic key
7.6
M
25
ZeroCERT
6714
2023-12-11 18:46
wlanext.exe
0ac30e4d15c7aa703d6999c80f524373
Generic Malware
Malicious Library
UPX
Antivirus
PE32
PE File
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
crashed
7.2
M
44
ZeroCERT
6715
2023-12-11 18:43
Booking_information.exe
24ba06fd80a3f7f185804ae0b8de0682
UPX
Malicious Library
AntiDebug
AntiVM
PE32
PE File
.NET EXE
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
Microsoft
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Collect installed applications
AppData folder
installed browsers check
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
193.233.132.16
3
ET INFO Microsoft net.tcp Connection Initialization Activity
ET MALWARE [ANY.RUN] RedLine Stealer Family Related (MC-NMF Authorization)
ET MALWARE Redline Stealer Family Activity (Response)
13.8
M
52
ZeroCERT
6716
2023-12-11 18:42
tuc2.exe
db2a79634197945313bdc4d81154981e
Emotet
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE32
PE File
MZP Format
DLL
OS Processor Check
DllRegisterServer
dll
PE64
wget
ZIP Format
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
crashed
5.0
M
23
ZeroCERT
6717
2023-12-11 18:41
wlanext.exe
669874d49e316097b979b2b3535ddc0d
NSIS
Generic Malware
Malicious Library
UPX
Antivirus
PE32
PE File
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
crashed
7.6
M
43
ZeroCERT
6718
2023-12-11 18:40
wlanext.exe
81d2e375dce372acb9d13e41748ecc2f
NSIS
Generic Malware
Malicious Library
UPX
Antivirus
PE32
PE File
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
crashed
5.8
M
ZeroCERT
6719
2023-12-11 15:30
BraveCrashHandler64.exe
80933f1574b52fe27bfc085779bd2552
EnigmaProtector
Generic Malware
UPX
PE32
PE File
MZP Format
PE64
VirusTotal
Malware
suspicious privilege
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
Detects VMWare
suspicious process
sandbox evasion
WriteConsoleW
VMware
Windows
ComputerName
crashed
8.2
M
26
ZeroCERT
6720
2023-12-11 15:29
prox.exe
a09dc65d1b842e5fd4dbd4bf4fc74a0b
Hide_EXE
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
172.67.159.225
6.4
M
46
ZeroCERT
Total : 48,289cnts