Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
871
2024-08-19 15:24
TMS_C153.exe
1ce9a063972f6f5266b78f7be6365fd6
Malicious Library
UPX
PE File
DllRegisterServer
dll
PE32
MZP Format
VirusTotal
Malware
unpack itself
crashed
1.8
3
ZeroCERT
872
2024-08-19 15:23
slavamerlov.exe
cecdc6f5ffde0ad1ddc333cc2a59d56e
Generic Malware
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
PDB
Tofsee
crashed
1
Keyword trend analysis
×
Info
×
https://bitbucket.org/fcsdcvscvc/sadcasdv/raw/2def5025c148911543f74f565c76b7154ed5143d/kachelid
2
Info
×
bitbucket.org(104.192.140.26) - malware
104.192.140.26 - mailcious
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.6
M
50
ZeroCERT
873
2024-08-19 15:22
Brazeeel.vbs
14bde8aed8a9f08a93483d751677dc71
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
Keyword trend analysis
×
Info
×
https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
2
Info
×
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
M
2
ZeroCERT
874
2024-08-19 15:21
huorong.exe
2b7bff01c4165d267d31d52c15b2d0ec
CoinMiner
AutoIt
Generic Malware
UPX
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
sandbox evasion
Tofsee
2
Info
×
down5.huorong.cn(180.163.146.100)
180.163.146.100
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.0
M
56
ZeroCERT
875
2024-08-19 15:20
POS_C093.exe
d13c1ebc4923c0603b836f74330b78de
Malicious Library
Downloader
UPX
PE File
DllRegisterServer
dll
PE32
MZP Format
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
1.8
M
4
ZeroCERT
876
2024-08-19 15:19
66c1968718ae8_stealc_cry.exe#k...
a2d030334c0e0775e213c5262b7ad1d9
Generic Malware
Malicious Library
UPX
PE File
PE32
Malware download
VirusTotal
Malware
c&c
Malicious Traffic
Check memory
unpack itself
Stealc
ComputerName
DNS
2
Keyword trend analysis
×
Info
×
http://193.176.190.41/2fa883eebd632382.php
http://193.176.190.41/
1
Info
×
193.176.190.41
1
Info
×
ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in
4.8
M
43
ZeroCERT
877
2024-08-19 15:17
CFPPF.exe
54c38790a4b6310fdc018d6ed97eed0f
Generic Malware
Malicious Library
Downloader
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Checks debugger
Creates executable files
unpack itself
Tofsee
1
Keyword trend analysis
×
Info
×
https://bitbucket.org/fcsdcvscvc/sadcasdv/downloae
2
Info
×
bitbucket.org(104.192.140.26) - malware
104.192.140.25
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.4
M
22
ZeroCERT
878
2024-08-19 15:16
TestikBro.exe
7c0a5c2cde620549b93d8372960b63c1
Generic Malware
Malicious Library
Downloader
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
Checks debugger
Creates executable files
Tofsee
1
Keyword trend analysis
×
Info
×
https://bitbucket.org/fcsdcvscvc/mainprojectf/downloads/rock.exe
2
Info
×
bitbucket.org(104.192.140.26) - malware
104.192.140.26 - mailcious
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.4
M
18
ZeroCERT
879
2024-08-19 15:15
PowerRun.exe
0a4a7f49dd88b8802db5aac1ac5f9483
Generic Malware
Malicious Library
UPX
Antivirus
PE File
PE64
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
sandbox evasion
human activity check
2.6
M
10
ZeroCERT
880
2024-08-19 15:14
POS_C156.exe
7c7382c5c39fb5cb7dffd9ca5dba25e5
Malicious Library
UPX
PE File
DllRegisterServer
dll
PE32
MZP Format
VirusTotal
Malware
unpack itself
crashed
2.0
M
10
ZeroCERT
881
2024-08-19 15:13
FSB.exe
04c2bd9282a55152d9e640b0780b8a69
Generic Malware
Malicious Library
Downloader
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
2.0
M
26
ZeroCERT
882
2024-08-19 15:11
POS_C159.exe
3b8bb2df50ce9e36afc960a3b5bc463f
Malicious Library
Admin Tool (Sysinternals etc ...)
UPX
PE File
DllRegisterServer
dll
PE32
MZP Format
VirusTotal
Malware
unpack itself
crashed
2.0
M
10
ZeroCERT
883
2024-08-19 15:10
AddMemreduct.exe
f013565b3f9e18d9ac83432b4f0c08f9
UPX
PE File
PE32
VirusTotal
Malware
Checks debugger
2.0
M
35
ZeroCERT
884
2024-08-19 15:09
MPDW-constraints.vbs
5bd9d9462d41ac1feb8026654efe8bf9
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
1
Keyword trend analysis
×
Info
×
https://ia803104.us.archive.org/27/items/vbs_20240726_20240726/vbs.jpg
2
Info
×
ia803104.us.archive.org(207.241.232.154) - malware
207.241.232.154 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
M
7
ZeroCERT
885
2024-08-19 15:08
random.exe
e77e058e126ae8b898308d7ae78847fc
Client SW User Data Stealer
RedLine stealer
browser
info stealer
Generic Malware
Downloader
Google
Chrome
User Data
Malicious Library
Malicious Packer
UPX
Code injection
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
P
Browser Info Stealer
VirusTotal
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
RWX flags setting
exploit crash
unpack itself
Windows utilities
suspicious process
malicious URLs
installed browsers check
Tofsee
Ransomware
Windows
Exploit
Browser
ComputerName
crashed
2
Info
×
crash-reports.mozilla.com(34.49.45.138)
34.49.45.138
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
12.4
M
30
ZeroCERT
First
Previous
51
52
53
54
55
56
57
58
59
60
Next
Last
Total : 48,198cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword