Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9016
2021-06-18 10:03
win32.exe
b562af446e9f7361e4b10e3b6c50cf5b
PWS
.NET framework
Admin Tool (Sysinternals etc ...)
Malicious Library
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
9.0
M
33
ZeroCERT
9017
2021-06-18 10:05
pub1.exe
0c7adaaa32d263c051a72555d85323e9
Raccoon Stealer
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
unpack itself
Windows
DNS
crashed
3.6
M
23
ZeroCERT
9018
2021-06-18 10:07
test.exe
d57237560c25aff34850ab1980a0fb04
Malicious Library
PE File
PE32
Dridex
TrickBot
VirusTotal
Malware
unpack itself
Kovter
DNS
1
188.119.113.80 - malware
1
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
2.6
52
r0d
9019
2021-06-18 10:31
87435972.exe
75cb80f790fc91926ba1d90a0bb6e09e
Generic Malware
themida
Admin Tool (Sysinternals etc ...)
PE File
PE32
VirusTotal
Malware
unpack itself
Checks Bios
Detects VirtualBox
Detects VMWare
VMware
anti-virtualization
Windows
Firmware
crashed
5.4
M
45
r0d
9020
2021-06-18 10:56
News.docx
aa82c7bfecf2700a60cdb8c4e3642130
unpack itself
DNS
1.8
ZeroCERT
9021
2021-06-18 11:33
winhost.exe
2415c1f7de7b48be235bd153e7eb2470
AsyncRAT
backdoor
PE File
PE64
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
crashed
2.4
M
31
ZeroCERT
9022
2021-06-18 13:39
c.wbk
c0c72fd2ce1b122fb69864ecf385b1b6
RTF File
doc
AntiDebug
AntiVM
MachineGuid
Check memory
Checks debugger
exploit crash
unpack itself
Tofsee
Exploit
crashed
2
aecrinsurance.com(167.114.42.76)
167.114.42.76
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.8
ZeroCERT
9023
2021-06-18 14:07
seudebito9896642cqyrs9th nmbof...
b6ba52508561cfb5fe75d151ffd3c7cc
Gen2
MSOffice File
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
AntiVM_Disk
VM Disk Size Check
ComputerName
2.2
9
ZeroCERT
9024
2021-06-18 16:43
cports.exe
120dd0fcdbecf5b37b0f6578fc541323
Gen1
Gen2
Generic Malware
PE File
OS Processor Check
PE32
DLL
PE64
VirusTotal
Malware
Checks debugger
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
ComputerName
2.8
16
ZeroCERT
9025
2021-06-18 17:37
OSdm4SizH7WvTFnlz.exe
7aa1962ebd8bfadc1f0a02eba48d98f8
PWS
.NET framework
Admin Tool (Sysinternals etc ...)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
12.6
M
41
ZeroCERT
9026
2021-06-18 17:38
hut.exe
4ccbe3a8fa850367d5efde685a350d80
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
Tofsee
crashed
1
https://cdn.discordapp.com/attachments/854342102649143318/855081140620754964/Vhzygcahiwjrehzrrlqrpmzvootolhb
2
cdn.discordapp.com(162.159.130.233) - malware
162.159.129.233 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.2
M
27
ZeroCERT
9027
2021-06-18 17:41
sefile.exe
06ac95deaa340711db9f10e66642fdb4
Raccoon Stealer
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
unpack itself
Windows
crashed
3.0
M
29
ZeroCERT
9028
2021-06-18 17:42
BfWe.txt.html
d9a580f007effddf29bb8cef119aac46
VBScript PowerShell Obfuscated File
Antivirus
AntiDebug
AntiVM
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
DNS
Cryptographic key
1
https://expotuxpan.com/ERqIdpqqhZTTVzgn/qYOhYYQTqL78XMOU.jpg
1
expotuxpan.com(198.12.249.118)
7.2
17
ZeroCERT
9029
2021-06-18 17:42
inquiry.exe
5cf27ec755267b1f7e443c9f2f45e627
Generic Malware
Admin Tool (Sysinternals etc ...)
PE File
PE32
VirusTotal
Malware
AutoRuns
RWX flags setting
unpack itself
Windows
DNS
2.6
12
ZeroCERT
9030
2021-06-18 17:42
M4C5n1UQnIWeWsRb.exe
7a4bc39ba2e82f3bc8b8775d11113cf0
PWS
.NET framework
Admin Tool (Sysinternals etc ...)
Malicious Library
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
10.8
M
32
ZeroCERT
Total : 48,166cnts