Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
8236
2023-09-26 13:36
te
0c55abf72ac32c1f4364d2beacbc4eb6
Create Service
Http API
Escalate priviledges
AntiDebug
AntiVM
PE File
DLL
PE64
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
unpack itself
suspicious process
WriteConsoleW
DNS
crashed
1
http://94.131.106.78/BcDx2y/OkJKB
1
94.131.106.78
2
ET POLICY curl User-Agent Outbound
ET HUNTING curl User-Agent to Dotted Quad
4.4
M
ZeroCERT
8237
2023-09-26 13:36
ni
e23d0b061c80c22c7d232b6a8e43fa77
PE File
DLL
PE64
Checks debugger
suspicious process
crashed
0.8
M
yjw
8238
2023-09-26 13:35
ib
dd77c8ada4a2591da5b34ff8b496f298
Create Service
Http API
Escalate priviledges
AntiDebug
AntiVM
PE File
DLL
PE64
Malware
suspicious privilege
Code Injection
Malicious Traffic
Checks debugger
unpack itself
suspicious process
WriteConsoleW
DNS
crashed
1
http://94.131.106.78/BcDx2y/OkJKB
1
94.131.106.78
2
ET POLICY curl User-Agent Outbound
ET HUNTING curl User-Agent to Dotted Quad
4.2
M
ZeroCERT
8239
2023-09-26 13:35
tuu
d933dc430f8feadf74902c4719033886
Create Service
Http API
Escalate priviledges
AntiDebug
AntiVM
PE File
DLL
PE64
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
unpack itself
suspicious process
WriteConsoleW
DNS
crashed
1
http://88.119.175.199/EtqXJWL/hqmN
1
88.119.175.199
2
ET POLICY curl User-Agent Outbound
ET HUNTING curl User-Agent to Dotted Quad
4.4
M
ZeroCERT
8240
2023-09-26 13:34
rc
11d10cfdac2a8c8dd30f80d6a2dad667
Create Service
Http API
Escalate priviledges
AntiDebug
AntiVM
PE File
DLL
PE64
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
unpack itself
suspicious process
WriteConsoleW
DNS
crashed
1
http://94.131.106.78/BcDx2y/OkJKB
1
94.131.106.78
2
ET POLICY curl User-Agent Outbound
ET HUNTING curl User-Agent to Dotted Quad
4.4
M
ZeroCERT
8241
2023-09-26 11:35
Jv.xll
f7a95d9853bbf73d695908480fa3ace2
Create Service
Http API
Escalate priviledges
AntiDebug
AntiVM
PE File
DLL
PE64
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
unpack itself
suspicious process
WriteConsoleW
DNS
crashed
1
http://51.195.49.233/dGp9oe/rAoeU0
1
51.195.49.233
2
ET POLICY curl User-Agent Outbound
ET HUNTING curl User-Agent to Dotted Quad
4.4
ZeroCERT
8242
2023-09-26 11:31
0ea461af5bf18fa9fe0a4945bda2c2...
0ea461af5bf18fa9fe0a4945bda2c2c0
Generic Malware
Malicious Library
UPX
Downloader
Antivirus
.NET framework(MSIL)
Malicious Packer
PE File
PE32
.NET EXE
OS Processor Check
PDB
MachineGuid
Check memory
Checks debugger
unpack itself
1.2
ZeroCERT
8243
2023-09-26 11:30
6e883bbb4501d4f4fa1d2c0cdeadea...
6e883bbb4501d4f4fa1d2c0cdeadea81
njRAT
backdoor
PE File
PE32
.NET EXE
Malware download
njRAT
VirusTotal
Malware
DNS
1
20.197.224.91
1
ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
1.8
54
ZeroCERT
8244
2023-09-26 11:27
rc
11d10cfdac2a8c8dd30f80d6a2dad667
PE File
DLL
PE64
ZeroCERT
8245
2023-09-26 11:27
tuu
d933dc430f8feadf74902c4719033886
PE File
DLL
PE64
ZeroCERT
8246
2023-09-26 11:27
ib
dd77c8ada4a2591da5b34ff8b496f298
PE File
DLL
PE64
ZeroCERT
8247
2023-09-26 11:27
te
0c55abf72ac32c1f4364d2beacbc4eb6
PE File
DLL
PE64
ZeroCERT
8248
2023-09-26 11:26
te
65132d1687d9039302697713f6a7d649
PE File
DLL
PE64
ZeroCERT
8249
2023-09-26 11:26
ni
e23d0b061c80c22c7d232b6a8e43fa77
PE File
DLL
PE64
ZeroCERT
8250
2023-09-26 11:22
Judicial Procedure_virustotal....
c3c5f236a1422c9717850d3fd8a9b741
PDF
guest
Total : 48,201cnts