Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9526
2023-08-11 18:09
func.bat
da7822df51eba2ea7064742927ddd694
Generic Malware
Downloader
Antivirus
Create Service
Socket
P2P
DGA
Steal credential
Http API
Escalate priviledges
PWS
Sniff Audio
HTTP
DNS
ScreenShot
Code injection
Internet API
FTP
KeyLogger
AntiDebug
AntiVM
PowerShell
GIF Format
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
2
https://sdkvm.site/def/check.php?pcn=TEST22-PC:test22:+
http://api.ipify.org
6.0
ZeroCERT
9527
2023-08-11 17:47
Mac_App.exe
4b29c67a00bcda2f4e861fd036b7dd2d
VirusTotal
Malware
crashed
1.2
M
18
ZeroCERT
9528
2023-08-11 17:38
svrdiv vsnivd.exe
5323834444ae9db2d971ac08cdf579e7
.NET framework(MSIL)
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
MachineGuid
Check memory
Checks debugger
unpack itself
ComputerName
2.6
20
ZeroCERT
9529
2023-08-11 17:29
Pooja.xlam
f942baab036075e8ace437ccf96815a7
VBA_macro
Generic Malware
.NET framework(MSIL)
ZIP Format
JPEG Format
MSOffice File
.NET EXE
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
exploit crash
unpack itself
Exploit
ComputerName
crashed
4.2
18
ZeroCERT
9530
2023-08-11 16:18
soft.exe
4e8f34a4c631073808c74481f456e357
Generic Malware
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
VirusTotal
Malware
crashed
1.4
51
ZeroCERT
9531
2023-08-11 16:15
twilighttwilight.hta
163b7346917aa5936bac2b3cb67df947
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.2
16
ZeroCERT
9532
2023-08-11 16:15
EpilogStrongyls.exe
fc44d05db7c9bc9dcebef7e3a5b96d4c
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Remote Code Execution
2.2
M
40
ZeroCERT
9533
2023-08-11 16:13
build32.exe
902b8b84ab8e77279f06d1fa4bb769a3
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Remote Code Execution
2.2
M
46
ZeroCERT
9534
2023-08-11 16:13
msedge.exe
50e0bef8c8ea8ffab979360ed54e7890
Admin Tool (Sysinternals etc ...)
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.6
33
ZeroCERT
9535
2023-08-11 16:10
Install Updater (win-stable)-c...
f1c8a94d79296f81464b3ebd5c84450e
Generic Malware
GIF Format
Email Client Info Stealer
Creates shortcut
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Email
1
https://irenosolutions.com/wp-content/uploads/wpcode/cache/twilighttwilight.hta
1.6
ZeroCERT
9536
2023-08-11 11:00
local-upd.url
d4b9ce4e681d712ad2e0e39fdcbd6c6a
AntiDebug
AntiVM
MSOffice File
Malware
Code Injection
Malicious Traffic
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3
http://94.156.6.203/Downloads
http://94.156.6.203/
http://94.156.6.203/Downloads/local-update-ver104.215.51.exe
1
94.156.6.203 - mailcious
4.2
guest
9537
2023-08-11 11:00
drop-updater.lnk
8e13f86d6f5f82200ac569d1c3d2e9ca
Generic Malware
Antivirus
AntiDebug
AntiVM
GIF Format
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
https://www.redconsultora.com/campus/portfolio/relaxation.hta
4.8
13
guest
9538
2023-08-11 09:44
wis2war.vbs
72fab82acb233fa5b2d7aeb5cecf14bb
Hide_EXE
Anti_VM
PE File
VirusTotal
Malware
VBScript
AutoRuns
WMI
wscript.exe payload download
Creates executable files
unpack itself
AntiVM_Disk
IP Check
VM Disk Size Check
Windows
ComputerName
DNS
DDNS
crashed
Dropper
2
http://ip-api.com/json/
http://chongmei33.publicvm.com:7045/is-ready
4
chongmei33.publicvm.com(103.47.144.15) - mailcious
ip-api.com(208.95.112.1)
103.47.144.15
208.95.112.1
10.0
30
ZeroCERT
9539
2023-08-11 09:41
getReasonData.exe
39a3b5a48178b860ba3c69dfa191e974
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
AutoRuns
Windows
1.6
M
38
ZeroCERT
9540
2023-08-11 09:41
IFB.vbs
ec8dee0c18ddbd51ba9b3f3da9b3ee5f
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855
http://94.156.161.167/tl/izs45.txt
3
uploaddeimagens.com.br(172.67.215.45) - malware
121.254.136.27
104.21.45.138 - malware
9.4
6
ZeroCERT
Total : 48,166cnts