Submissions
No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
7066
2023-11-16 18:57
tucl-1.dll
83076104ae977d850d1e015704e5730a
PE32
PE File
DLL
Checks debugger
unpack itself
crashed
0.8
guest
7067
2023-11-16 18:56
build.exe
3f1ba0dace898dc2cee247de5e15f068
Malicious Library
PE32
PE File
PDB
unpack itself
Remote Code Execution
1.2
M
ZeroCERT
7068
2023-11-16 18:53
gate9.rar
7ef0c56659703f74b1749bf84b73f82f
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
M
ZeroCERT
7069
2023-11-16 18:49
x86.dll
95786b6c28bf8dba7bbfeeba9e1ec27a
Malicious Library
UPX
PE32
PE File
DLL
DllRegisterServer
dll
OS Processor Check
Checks debugger
unpack itself
0.6
guest
7070
2023-11-16 18:36
x86.dll
95786b6c28bf8dba7bbfeeba9e1ec27a
Malicious Library
UPX
PE32
PE File
DLL
DllRegisterServer
dll
OS Processor Check
Checks debugger
unpack itself
0.6
guest
7071
2023-11-16 18:34
svchost.exe
54a47f6b5e09a77e61649109c6a08866
Gen1
Malicious Packer
UPX
PE32
PE File
PDB
Remote Code Execution
0.4
guest
7072
2023-11-16 18:34
Windows Loader.exe
ab6675956f434085e7a387c7c76e8ceb
Gen1
Generic Malware
Malicious Library
Malicious Packer
UPX
PE32
PE File
MachineGuid
Check memory
Checks debugger
WMI
RWX flags setting
unpack itself
Checks Bios
sandbox evasion
anti-virtualization
ComputerName
Remote Code Execution
Firmware
crashed
5.6
guest
7073
2023-11-16 16:24
02390d465ec5ef463741f737b0d098...
01244c0aaa1117bb904d354dc8f5729f
RedLine Infostealer
UltraVNC
Malicious Library
UPX
PE32
PE File
OS Processor Check
VirusTotal
Malware
PDB
Malicious Traffic
Check memory
Checks debugger
ICMP traffic
unpack itself
Check virtual network interfaces
suspicious TLD
Windows
Cryptographic key
crashed
keylogger
1
http://gmacro.ru/files/pubg/versionpubg.txt
2
gmacro.ru(194.67.207.88)
194.67.207.88
7.4
20
r0d
7074
2023-11-16 15:57
htmlbrowserhistorycleanbothfil...
819445270fd095cf54c6768d1e380e1b
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
wscript.exe payload download
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://paste.ee/d/U1LNm
https://uploaddeimagens.com.br/images/004/654/536/original/new_image.jpg?1698957750
5
paste.ee(104.21.84.67) - mailcious
uploaddeimagens.com.br(104.21.45.138) - malware
61.111.58.34 - malware
172.67.187.200 - mailcious
104.21.45.138 - malware
2
ET POLICY Pastebin-style Service (paste .ee) in TLS SNI
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
9.0
2
ZeroCERT
7075
2023-11-16 15:54
htmlbrowserhistorycleanwithcoo...
1840929cb01d825efc19c973c961230d
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
buffers extracted
exploit crash
unpack itself
Exploit
DNS
crashed
1
188.127.225.196 - mailcious
4.8
M
33
ZeroCERT
7076
2023-11-16 15:21
5dd663aa30da9fd0b72650d9e8c259...
fd36da278e03915e659c14f3c1b88a56
RedLine Infostealer
UltraVNC
Malicious Library
UPX
PE32
PE File
ftp
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Checks debugger
ICMP traffic
unpack itself
Check virtual network interfaces
suspicious TLD
Windows
Cryptographic key
crashed
2
files.gmacro.ru(95.216.77.146)
95.216.77.146
6.2
12
r0d
7077
2023-11-16 13:37
clp.exe
9bc7730e14189753be3c8c680c12d3a7
UPX
PE File
PE64
.NET EXE
VirusTotal
Malware
Windows
Remote Code Execution
crashed
2.8
M
50
ZeroCERT
7078
2023-11-16 13:35
lightmuzik2.1.exe
8a7e5664d1f1d5bf41c6d943299aa1e8
NSIS
Malicious Library
UPX
PE32
PE File
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
Check virtual network interfaces
AppData folder
IP Check
Tofsee
Browser
Email
ComputerName
DNS
Software
crashed
2
api.ipify.org(64.185.227.156)
64.185.227.156
4
ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
ET INFO TLS Handshake Failure
ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.2
M
47
ZeroCERT
7079
2023-11-16 13:32
amd.exe
20475c809f00840b49f662de6c9216ff
Amadey
Themida Packer
Generic Malware
UPX
Anti_VM
PE32
PE File
VirusTotal
Malware
AutoRuns
Malicious Traffic
Check memory
unpack itself
Windows utilities
Checks Bios
Detects VirtualBox
Detects VMWare
suspicious process
AppData folder
WriteConsoleW
VMware
anti-virtualization
Windows
ComputerName
Firmware
DNS
crashed
1
http://185.172.128.100/u6vhSc3PPq/index.php - rule_id: 37993
1
185.172.128.100 - mailcious
1
http://185.172.128.100/u6vhSc3PPq/index.php
11.8
M
53
ZeroCERT
7080
2023-11-16 13:30
TrueCrypt_lDwnwJ.exe
d6a28fab04acec60305a5c6be5b105d2
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
crashed
0.6
7
ZeroCERT
Total : 48,289cnts