2020-06-10
Version history
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9541
2023-08-11 09:41
azzo.vbs
d3a9ae0de027a95f8cd5f176e62f76af
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.4
14
ZeroCERT
9542
2023-08-11 09:39
ss.vbs
aa006b14ff4ae7b4499ac250b9370f66
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855
https://yorkrefrigerent.md/public/sass/vn/ifrdhf.txt
3
uploaddeimagens.com.br(172.67.215.45) - malware
121.254.136.27
172.67.215.45 - malware
8.8
2
ZeroCERT
9543
2023-08-11 09:39
bkop.vbs
0706d45218e9831bd7caccef79b6425d
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
6.0
21
ZeroCERT
9544
2023-08-11 09:01
koob7.doc
22a53781e8ed2786f7151db1d50cf9c1
GuLoader
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
unpack itself
Exploit
DNS
crashed
3
http://geoplugin.net/json.gp
http://64.188.25.4/ASfZgs135.bin - rule_id: 35745
http://194.55.224.13/_errorpages/koob7.exe
5
geoplugin.net(178.237.33.50)
178.237.33.50
64.188.25.4 - mailcious
69.61.42.27 - mailcious
194.55.224.13 - malware
1
http://64.188.25.4/ASfZgs135.bin
4.6
M
31
ZeroCERT
9545
2023-08-11 08:59
server.exe
539796b3c5bfeecd94ad28751c257fd6
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
ZeroCERT
9546
2023-08-11 08:59
koob7.exe
2894a2b884b3eae1a82c6203be7cb747
Suspicious_Script_Bin
UPX
Malicious Library
PE File
PE32
PNG Format
DLL
Check memory
Creates shortcut
Creates executable files
unpack itself
AppData folder
Windows
crashed
2.8
ZeroCERT
9547
2023-08-11 08:57
dfgdfg.exe
78bc9c35531a7e1a31af3bdff4083df6
Malicious Packer
PE64
PE File
buffers extracted
unpack itself
crashed
1.4
M
ZeroCERT
9548
2023-08-11 08:56
0000000000000%23%23%23%23%23%2...
12403b14978ed748ee844e915ac83bdb
MS_RTF_Obfuscation_Objects
RTF File
doc
Malware
Malicious Traffic
buffers extracted
RWX flags setting
exploit crash
IP Check
Exploit
DNS
crashed
1
http://23.94.148.61/450/msedge.exe
3
api.ipify.org(104.237.62.211)
173.231.16.76
23.94.148.61 - malware
4.0
ZeroCERT
9549
2023-08-11 08:54
38h4tp20bm85.exe
d525784068f44c8c06b97756f67bca48
LokiBot
UPX
Malicious Library
PWS
AntiDebug
AntiVM
OS Processor Check
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
Email Client Info Stealer
Cryptocurrency wallets
Cryptocurrency
Buffer PE
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Check virtual network interfaces
suspicious TLD
Ransomware
Windows
Browser
Email
ComputerName
Software
crashed
1
http://apps.identrust.com/roots/dstrootcax3.p7c
3
luminance-films.ru(104.21.42.155)
172.67.206.148
121.254.136.27
13.2
ZeroCERT
9550
2023-08-11 08:54
old.exe
657dc4f38e42f897d0591605cb20ee3e
PE64
PE File
DNS
crashed
1
134.122.75.115
2.4
M
ZeroCERT
9551
2023-08-11 08:52
gucc.exe
954f8a5432fcf4567a25a5cdff191572
Admin Tool (Sysinternals etc ...)
.NET EXE
PE File
PE32
PDB
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
crashed
1.8
M
ZeroCERT
9552
2023-08-11 08:52
BRR.exe
1bf35ce85d9dabad107f0bbea91a0579
Lazarus Family
Themida Packer
UPX
Malicious Library
Anti_VM
.NET EXE
PE File
PE32
Browser Info Stealer
Check memory
Checks debugger
unpack itself
Checks Bios
Collect installed applications
Detects VMWare
VMware
anti-virtualization
installed browsers check
Windows
Browser
ComputerName
Remote Code Execution
Firmware
DNS
Cryptographic key
crashed
1
95.143.190.57 - mailcious
8.4
M
ZeroCERT
9553
2023-08-11 08:49
stanzx.exe
214882a8a3a850bea2ffd8022c6ababf
.NET framework(MSIL)
.NET EXE
PE File
PE32
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
4.4
M
ZeroCERT
9554
2023-08-11 08:49
file.exe
7ddcb9a1fe843f1676612ee86489f322
UPX
Malicious Library
OS Processor Check
PE File
PE32
unpack itself
Remote Code Execution
1.0
ZeroCERT
9555
2023-08-11 06:39
rev 0B744B7667EF335CB32CEA7A9E...
d355dd22f9d71b1b9bce9b03771c7f26
RedLine stealer
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
Anti_VM
OS Processor Check
crashed
0.2
guest
Total : 48,166cnts