No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9361
2023-08-17 10:40
Consent Form_Princeton Study.v...
ca8728ce8f77cfc804f9ce343de9c9ee
Antivirus
VirusTotal
Malware
VBScript
Checks debugger
wscript.exe payload download
suspicious process
ComputerName
DNS
Dropper
3
https://grekop.online/brad/r.php
https://grekop.online/brad/re.php
https://grekop.online/brad/share.docx
2
grekop.online(63.250.38.85)
63.250.38.85
10.0
13
ZeroCERT
9362
2023-08-17 10:36
nk_apt.lnk
27af79733f1e32b9267d4d16d0b1f8f6
Generic Malware
Antivirus
AntiDebug
AntiVM
Lnk Format
GIF Format
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
2
https://www.yna.co.kr/view/AKR20230816138400704?section=politics/defense
https://api.onedrive.com/v1.0/shares/u!aHR0cHM6Ly8xZHJ2Lm1zL2IvcyFBa0FnekZKdWMwb09hdDdWMWRNWkIzanFPTXM_ZT1KUU1JcnI/root/content
6.6
6
ZeroCERT
9363
2023-08-17 09:23
payload.dll
aa9991d405f0742d592ca9a3c193a931
UPX
Malicious Packer
OS Processor Check
DLL
PE64
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
1.8
29
ZeroCERT
9364
2023-08-17 09:23
update.vbs
5e99957a631f0506b3c5f8b7882d40ba
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855
http://24.152.37.111/img/cara.txt
3
uploaddeimagens.com.br(172.67.215.45) - malware
121.254.136.27
104.21.45.138 - malware
8.4
2
ZeroCERT
9365
2023-08-17 07:50
Federal Common Policy CA.cer
8c42b6360dd024ce4cb1ba06d26a6bc9
AntiDebug
AntiVM
Code Injection
Checks debugger
unpack itself
1.6
guest
9366
2023-08-17 07:40
rthnead.exe
7b06598763fb325a3879fc4acece48ee
UPX
.NET EXE
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.4
39
ZeroCERT
9367
2023-08-17 07:38
162.exe
048e94bcc447bc7c96688d2266006dce
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Remote Code Execution
2.4
47
ZeroCERT
9368
2023-08-17 07:37
zaliv.exe
67c418ee40a4edb8a5b232298234f4be
Generic Malware
UPX
.NET framework(MSIL)
Malicious Library
Malicious Packer
Anti_VM
OS Processor Check
.NET EXE
PE File
PE32
JPEG Format
VirusTotal
Malware
Malicious Traffic
Windows utilities
IP Check
Windows
2
http://apps.identrust.com/roots/dstrootcax3.p7c
http://icanhazip.com/
7
icanhazip.com(104.18.114.97)
api.mylnikov.org(172.67.196.114)
api.telegram.org(149.154.167.220)
172.67.196.114 - mailcious
104.18.114.97
121.254.136.27
149.154.167.220
2.8
56
ZeroCERT
9369
2023-08-17 07:36
1.exe
e5cbc0114ff238740e72e907ad20223c
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Remote Code Execution
2.4
47
ZeroCERT
9370
2023-08-16 18:18
1.html
27f74072d6268b5d96d73107c560d852
Antivirus
AntiDebug
AntiVM
MSOffice File
VirusTotal
Malware
Code Injection
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
2
http://75.119.136.207/config/bases/config.php
http://bian0151.cafe24.com/admin/board/1.html
3.8
M
8
ZeroCERT
9371
2023-08-16 18:02
1.html
27f74072d6268b5d96d73107c560d852
Antivirus
AntiDebug
AntiVM
MSOffice File
VirusTotal
Malware
Code Injection
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
2
http://75.119.136.207/config/bases/config.php
http://bian0151.cafe24.com/admin/board/1.html
3.8
M
8
ZeroCERT
9372
2023-08-16 17:57
1.html
27f74072d6268b5d96d73107c560d852
Antivirus
AntiDebug
AntiVM
MSOffice File
VirusTotal
Malware
Code Injection
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
2
http://75.119.136.207/config/bases/config.php
http://bian0151.cafe24.com/admin/board/1.html
3.8
8
ZeroCERT
9373
2023-08-16 17:48
amday.exe
aa486e83365ae67a5778758685ca4d6f
Amadey
UPX
.NET framework(MSIL)
Malicious Library
Admin Tool (Sysinternals etc ...)
Http API
HTTP
Code injection
Internet API
AntiDebug
AntiVM
.NET EXE
PE File
PE32
Lnk Format
GIF Format
VirusTotal
Malware
AutoRuns
PDB
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
Windows
ComputerName
DNS
1
http://45.9.74.182/b7djSDcPcZ/index.php - rule_id: 35747
1
45.9.74.182 - malware
1
http://45.9.74.182/b7djSDcPcZ/index.php
12.2
M
32
ZeroCERT
9374
2023-08-16 17:14
cancellationForm.Client.exe
a313d9dfd6bddf4cf0412d887719c5be
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
PDB
MachineGuid
Check memory
Checks debugger
unpack itself
2.4
8
ZeroCERT
9375
2023-08-16 17:11
NitroGenerator.exe
3b690e2f9f6a1184381063aa68bf0842
AntiDebug
AntiVM
PE64
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
RWX flags setting
unpack itself
Collect installed applications
Check virtual network interfaces
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
5.42.65.101 - mailcious
13.6
M
53
ZeroCERT
Total : 48,111cnts