Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
8536
2023-09-19 00:02
welcome-feed-2614671.csv
5b8b52531ef787bc028c0cbd7e136b8a
PWS
ScreenShot
KeyLogger
AntiDebug
AntiVM
Vulnerability
MachineGuid
unpack itself
1.6
guest
8537
2023-09-18 23:30
IMG_2021_07_11_536734643256_sq...
d08f9a6a665c0f7de85a106adfbcef0d
Create Service
Escalate priviledges
AntiDebug
AntiVM
Lnk Format
GIF Format
VirusTotal
Malware
suspicious privilege
Code Injection
Creates shortcut
unpack itself
Tofsee
Discord
DNS
1
https://cdn.discordapp.com/attachments/1151961825806667917/1151961899693514835/promot_s.msi
2
cdn.discordapp.com(162.159.134.233) - malware
162.159.135.233 - malware
3
ET INFO Observed Discord Domain in DNS Lookup (discordapp .com)
ET INFO Observed Discord Domain (discordapp .com in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.6
9
guest
8538
2023-09-18 22:24
IMG_3371.HEIC
7ba7ad5e13f96d1cdecfe0f926705585
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Windows
Browser
Email
ComputerName
keylogger
4.0
guest
8539
2023-09-18 21:44
Screenshot 2023-09-14 at 05.59...
37671c9d2555c76619de3eb75f72563f
JPEG Format
guest
8540
2023-09-18 20:52
IMG_1551.HEIC
72b8cdeb2795ab75f1c343ecab26cda7
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
guest
8541
2023-09-18 17:23
cgpcc.exe
3f1eb317915ef394385d03d3b32a3967
UPX
Malicious Library
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
1.0
5
ZeroCERT
8542
2023-09-18 16:44
netTime.exe
c2f0ab10869de4c6b8b79556643249ff
Malicious Packer
Anti_VM
PE File
PE64
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
Remote Code Execution
crashed
3.0
M
30
ZeroCERT
8543
2023-09-18 16:41
167.exe
f2cba0949d0354095822d6ba06b0d187
UPX
Malicious Library
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
1.6
M
41
ZeroCERT
8544
2023-09-18 16:39
rockss.exe
b32d5a382373d7df0c1fec9f15f0724a
UPX
Malicious Library
Malicious Packer
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
PE64
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
Tofsee
1
https://z.nnnaajjjgc.com/sts/imagd.jpg
2
z.nnnaajjjgc.com(156.236.72.121) - malware
156.236.72.121 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
8.4
M
48
ZeroCERT
8545
2023-09-18 16:37
crypt1234.exe
7b4f90ff07d0fa2e763fd680b1e963c9
.NET framework(MSIL)
PE File
PE64
.NET EXE
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
2.6
M
44
ZeroCERT
8546
2023-09-18 16:36
files
a99b863be7e866f7f3f4f88d3ef5b0d9
ZIP Format
VirusTotal
Malware
0.8
M
21
ZeroCERT
8547
2023-09-18 16:35
32224dd5.exe
0cdb3c1c13987b9206aff17db672f7de
UPX
Malicious Library
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Remote Code Execution
1.6
M
26
ZeroCERT
8548
2023-09-18 16:35
Damned.exe
5915551386c9340c377a615355c6ceee
Generic Malware
UPX
Malicious Library
Malicious Packer
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
crashed
1.0
8
ZeroCERT
8549
2023-09-18 16:24
NASA Database.lnk
4a7768c7ca725f7ec70694d807c7f739
Lnk Format
GIF Format
Creates shortcut
unpack itself
WriteConsoleW
DNS
2
http://94.131.99.140/data/auto.cpl
http://94.131.99.140/data/icon.ico
1
94.131.99.140
3.0
ZeroCERT
8550
2023-09-18 16:22
df.lnk
e80d1d2af1b75041f4a17d5f6979687f
Lnk Format
GIF Format
VirusTotal
Malware
Creates shortcut
unpack itself
WriteConsoleW
DNS
2
http://94.131.99.140/data/auto.cpl
http://94.131.99.140/data/icon.ico
1
94.131.99.140
3.0
5
ZeroCERT
Total : 48,198cnts