Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
6766
2023-12-06 12:10
microsoftdeletedentirehistoryc...
20c6385491d543c1e42804b5b7c72eaf
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Exploit
DNS
crashed
1
http://198.46.174.147/157/wlanext.exe
1
198.46.174.147 - malware
1
ET INFO Executable Download from dotted-quad Host
4.2
M
33
ZeroCERT
6767
2023-12-06 12:09
Wraub.exe
249fa2a560a2a8e1ae5a6b114e31afb2
.NET framework(MSIL)
PE32
PE File
.NET EXE
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
7.4
54
ZeroCERT
6768
2023-12-05 08:21
Posh_v2_dropper_migrate_x86.ex...
96ddbe7ae5e33743408cf2cc5b9082b6
Hide_EXE
Malicious Library
Malicious Packer
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
Code Injection
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
3.4
M
44
ZeroCERT
6769
2023-12-05 08:19
SOFT_KNITTING.exe
07db05ee98e9284a52f767b6410acdd7
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
Checks debugger
DNS
1
5.252.176.77 - mailcious
4.4
M
51
ZeroCERT
6770
2023-12-05 08:17
PBindSharp_v4_dropper_x86.exe
11bbccb66e1eb21038ba8ee73cf873c4
Hide_EXE
Malicious Library
Malicious Packer
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
3.6
M
46
ZeroCERT
6771
2023-12-05 08:16
1701517649-explorer.exe
da419a77d4cf91ece32dca8dd1dfd152
PE32
PE File
.NET EXE
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
ComputerName
Cryptographic key
crashed
3.4
M
50
ZeroCERT
6772
2023-12-05 08:13
LEGISLATIVE_COUSIN.exe
0e763512095abc4616f81cf4631b9b2f
Malicious Packer
UPX
PE File
PE64
VirusTotal
Malware
Checks debugger
DNS
1
5.252.176.77 - mailcious
4.4
M
50
ZeroCERT
6773
2023-12-05 08:10
pinguin.exe
58d28558b5e2ffbb0238ed852b0fccf4
Emotet
Generic Malware
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
PDB
Check memory
unpack itself
ComputerName
Remote Code Execution
2.4
M
14
ZeroCERT
6774
2023-12-05 08:10
Posh_v2_x64_xor.exe
94b560246170d823d6aad92172cdb57a
PE File
PE64
VirusTotal
Malware
Check memory
Checks debugger
buffers extracted
unpack itself
3.4
M
43
ZeroCERT
6775
2023-12-05 08:08
Posh_v4_dropper_migrate_x64.ex...
c1d1295e8c1b4116fa7ed1866ed8b73c
Hide_EXE
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
Windows
Cryptographic key
3.6
M
41
ZeroCERT
6776
2023-12-05 08:08
Posh_v2_dropper_x86.exe
7fa5f4cb38888a230b82389cbe568107
Hide_EXE
Malicious Library
Malicious Packer
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
Code Injection
Checks debugger
buffers extracted
unpack itself
3.4
M
45
ZeroCERT
6777
2023-12-05 08:06
ngrok.exe
34985fae5fa8e9ebaa872de8d0105005
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
crashed
0.4
M
ZeroCERT
6778
2023-12-05 08:06
Posh_v2_dropper_x64.exe
3393edc78556559552294115a95f2ba2
Hide_EXE
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
3.4
M
39
ZeroCERT
6779
2023-12-05 08:04
Sharp_v4_x64_xor.exe
1f91c3ab8a9689208e162e81b16881fe
PE File
PE64
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
DNS
1
139.59.72.48 - mailcious
5.8
M
45
ZeroCERT
6780
2023-12-05 08:03
svchost.exe
66055eb5779265037160e80546c6de3d
Emotet
Generic Malware
Malicious Library
UPX
PE32
PE File
VirusTotal
Malware
Check memory
unpack itself
ComputerName
Remote Code Execution
2.8
44
ZeroCERT
Total : 48,289cnts