Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9166
2021-06-24 09:54
vbc.exe
de41a01457573e366909c2ddb491d1f3
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
unpack itself
Windows
Remote Code Execution
DNS
crashed
4.0
35
ZeroCERT
9167
2021-06-24 10:02
x3.exe
673189c4150264e0e7f3f74478867375
Generic Malware
DNS
Socket
Create Service
Escalate priviledges
KeyLogger
Code injection
ScreenShot
BitCoin
AntiDebug
AntiVM
PE File
PE64
VirusTotal
Cryptocurrency Miner
Malware
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
Auto service
Check virtual network interfaces
suspicious process
malicious URLs
suspicious TLD
WriteConsoleW
Windows
ComputerName
Firmware
CoinMiner
4
con.microgent.ru(195.133.40.220)
pastebin.com(104.23.99.190) - mailcious
195.133.40.220
104.23.99.190 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (CoinMiner)
13.8
49
ZeroCERT
9168
2021-06-24 10:02
t-d.exe
95939e9f316d9e5d38e453b5f6095fcd
Armageddon
APT
WinRAR
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
Code Injection
WMI
Creates executable files
unpack itself
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
ComputerName
Remote Code Execution
DNS
6.4
13
ZeroCERT
9169
2021-06-24 10:04
GPU.exe
619057f86d88426ef8b7cd4a91570aab
Generic Malware
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
DDNS
crashed
6
fact.azad.live(172.67.200.214)
societyf500.ddns.net(91.109.188.6)
104.21.13.168
172.67.200.214
195.133.40.220
91.109.188.6
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
11.6
45
ZeroCERT
9170
2021-06-24 10:07
x2.exe
7d0872298a99819963ab97c027e2fe54
Generic Malware
DNS
Socket
Create Service
Escalate priviledges
KeyLogger
Code injection
ScreenShot
BitCoin
AntiDebug
AntiVM
PE File
PE64
VirusTotal
Cryptocurrency Miner
Malware
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
Auto service
Check virtual network interfaces
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Firmware
CoinMiner
4
con.microgent.ru(195.133.40.220)
pastebin.com(104.23.98.190) - mailcious
195.133.40.220
104.23.98.190 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (CoinMiner)
14.0
45
ZeroCERT
9171
2021-06-24 10:07
1204431452_50619973.rar
5c6b2a4b4311244fb91f48c4215775df
Escalate priviledges
KeyLogger
AntiDebug
AntiVM
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
DNS
3.4
45
ZeroCERT
9172
2021-06-24 10:07
nvcontainer.exe
a236fce97def23d91641ae08041f4107
Generic Malware
DGA
DNS
SMTP
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Internet API
ScreenShot
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
suspicious TLD
Windows
DNS
crashed
keylogger
2
fit.microgent.ru(195.133.40.220)
195.133.40.220
14.8
47
ZeroCERT
9173
2021-06-24 10:08
kill.exe
6084f2e484d7ae81d35dff0aa576c546
Armageddon
APT
WinRAR
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
Code Injection
WMI
Creates executable files
unpack itself
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
ComputerName
Remote Code Execution
DNS
1
195.133.40.220
7.2
23
ZeroCERT
9174
2021-06-24 10:10
NV.exe
75e7308aacb22402184d08ee9712f89b
Generic Malware
DGA
DNS
Socket
Create Service
Sniff Audio
HTTP
Escalate priviledges
KeyLogger
FTP
Code injection
Http API
Internet API
Steal credential
ScreenShot
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
DNS
DDNS
crashed
1
societyf500.ddns.net(91.109.188.6)
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
9.8
ZeroCERT
9175
2021-06-24 10:11
sos.exe
2edfacc58679637e8b8770e9d0c62481
Generic Malware
DNS
Socket
ScreenShot
BitCoin
AntiDebug
AntiVM
PE File
PE64
VirusTotal
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
ComputerName
8.6
49
ZeroCERT
9176
2021-06-24 10:12
msdtc.exe
a119493bce8e253eaae093e9afdda7af
Generic Malware
DGA
DNS
SMTP
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Internet API
ScreenShot
Downloader
AntiDebug
AntiVM
PE File
.NET EXE
PE32
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
BitRAT
Windows
ComputerName
DNS
crashed
keylogger
2
con.microgent.ru(195.133.40.220)
195.133.40.220
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (BitRAT)
10.6
ZeroCERT
9177
2021-06-24 10:13
x3-uninstaller.exe
aba3dda5a550d9b29772989223f10678
AsyncRAT
backdoor
Generic Malware
PE File
PE64
VirusTotal
Malware
suspicious privilege
MachineGuid
Check memory
Checks debugger
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
4.0
38
ZeroCERT
9178
2021-06-24 10:14
NVIDIA.exe
5ff35bead91ba5d8359afc1389a9ab5e
Generic Malware
PE File
PE64
Check memory
Checks debugger
unpack itself
DNS
1
195.133.40.220
1.8
ZeroCERT
9179
2021-06-24 10:17
kill-ms.exe
5dde83dfeabd347686a111862a6fe2e0
Armageddon
APT
WinRAR
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
Code Injection
WMI
Creates executable files
unpack itself
WriteConsoleW
ComputerName
Remote Code Execution
DNS
6.8
20
ZeroCERT
9180
2021-06-24 10:19
NVC.exe
70e97b8ae8f08c3f8c2cbf4d81192cf0
Generic Malware
DGA
DNS
Socket
Create Service
Sniff Audio
HTTP
Escalate priviledges
KeyLogger
FTP
Code injection
Http API
Internet API
Steal credential
ScreenShot
Downloader
P2P
AntiDebug
AntiVM
PE File
.NET EXE
PE32
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
WriteConsoleW
Windows
crashed
1
con.microgent.ru(195.133.40.220)
8.8
ZeroCERT
Total : 48,166cnts