Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9586
2023-08-10 07:54
AdobeSettings.exe
e781ca8ce0cf2ede3c242c2bdc1ea2a4
NSIS
UPX
Malicious Library
PE File
PE32
DLL
AppData folder
0.6
M
ZeroCERT
9587
2023-08-10 07:50
defense.exe
eb11d76f4db6786d48ef7ae3f6c3ad9a
UPX
Malicious Library
OS Processor Check
PE File
PE32
PDB
buffers extracted
unpack itself
sandbox evasion
Browser
ComputerName
DNS
1
5.8.18.42 - mailcious
4.4
M
ZeroCERT
9588
2023-08-10 07:49
html.exe
77f82a88068d77ba9ece00d21bf3a4db
UPX
Malicious Library
OS Processor Check
PE File
PE32
PDB
Code Injection
Checks debugger
buffers extracted
unpack itself
sandbox evasion
Browser
ComputerName
DNS
1
5.8.18.42 - mailcious
6.2
M
ZeroCERT
9589
2023-08-10 07:48
a3e34cp.exe
92031e02bc46932ace98fb8b54f261f4
Amadey
UPX
VMProtect
Malicious Library
PE File
PE32
Malware
AutoRuns
Malicious Traffic
Check memory
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
human activity check
Windows
ComputerName
DNS
2
http://45.9.74.166/b7djSDcPcZ/index.php - rule_id: 35596
http://45.9.74.141/b7djSDcPcZ/index.php - rule_id: 35595
2
45.9.74.141 - mailcious
45.9.74.166 - mailcious
2
http://45.9.74.166/b7djSDcPcZ/index.php
http://45.9.74.141/b7djSDcPcZ/index.php
8.0
M
ZeroCERT
9590
2023-08-10 07:47
index.exe
18462ea23f4eb50b95c5c3c30674f26c
UPX
Malicious Library
OS Processor Check
PE File
PE32
PDB
buffers extracted
unpack itself
sandbox evasion
Browser
ComputerName
DNS
1
5.8.18.42 - mailcious
4.4
ZeroCERT
9591
2023-08-10 07:45
hkcmds.exe
e8ea1b6581dc17674bac8ab3202fa6f3
Generic Malware
UPX
Malicious Library
PE File
PE32
DLL
PE64
PNG Format
Check memory
Creates executable files
unpack itself
AppData folder
1.6
M
ZeroCERT
9592
2023-08-10 07:45
mosa.exe
a4068080e979a1fee7bce6baaec0f5f3
.NET framework(MSIL)
.NET EXE
PE File
PE32
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
4.4
M
ZeroCERT
9593
2023-08-09 17:59
rove.exe
0d2ca797bea99d6407c7c947f2156f37
NSIS
Suspicious_Script_Bin
UPX
Malicious Library
PE File
PE32
DLL
VirusTotal
Malware
Check memory
Creates shortcut
Creates executable files
unpack itself
AppData folder
Windows
crashed
4.2
34
ZeroCERT
9594
2023-08-09 17:58
damianozx.exe
a1d1b746da75f6f887ef0f05b04c8d1f
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
5.4
33
ZeroCERT
9595
2023-08-09 17:56
kellyzx.doc
b98806523c4916585df3f414296d0905
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
Exploit
DNS
crashed
2
http://194.55.224.15/kelly/five/fre.php
http://2.59.254.18/_errorpages/kellyzx.exe
2
2.59.254.18 - malware
194.55.224.15
4.4
M
29
ZeroCERT
9596
2023-08-09 17:51
importance-x.hta
5ffa9afcf0b8f6f600119cf4c35b5c6c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.6
16
ZeroCERT
9597
2023-08-09 17:24
alertzx.exe
4ee46eae1d7757b7bb1892c06fcb2393
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
Browser
Email
ComputerName
Software
crashed
2
smtp.hengshlusa.com(208.91.198.143) -
208.91.199.224 -
11.2
31
ZeroCERT
9598
2023-08-09 17:20
importance-x.hta
5ffa9afcf0b8f6f600119cf4c35b5c6c
VirusTotal
Malware
unpack itself
crashed
1.2
16
ZeroCERT
9599
2023-08-09 17:20
Nepal Relation with European C...
86b57b0ec360f45331fc5e4eb5c99611
AntiDebug
AntiVM
CHM Format
VirusTotal
Malware
AutoRuns
MachineGuid
Code Injection
Check memory
RWX flags setting
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
1
http://daveonenewtestpanel.com/axis/cone.php
4.8
29
ZeroCERT
9600
2023-08-09 17:17
LogonFile.exe
bff3120685dafe9e31206887df290c02
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
VirusTotal
Malware
unpack itself
crashed
1.6
26
ZeroCERT
Total : 48,166cnts