Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9826
2021-07-09 09:30
file.exe
9e2521860ebdce53dbe422612566d4ea
Raccoon Stealer
Malicious Library
PE32
OS Processor Check
PE File
VirusTotal
Malware
PDB
unpack itself
Windows
Remote Code Execution
crashed
3.0
31
ZeroCERT
9827
2021-07-09 09:30
document.wbk
562d429223703b6f8edfe68bcbf76ff5
RTF File
doc
AntiDebug
AntiVM
VirusTotal
Malware
MachineGuid
Malicious Traffic
Check memory
Checks debugger
exploit crash
unpack itself
Exploit
DNS
crashed
2
http://manvim.co/fd4/fre.php
http://185.222.57.247/win/vbc.exe
3
manvim.co(157.230.214.223) - mailcious
157.230.214.223
185.222.57.247
5.6
30
ZeroCERT
9828
2021-07-09 09:36
crv.dll
3ddeea156606b2e5d19c86cedf3dec30
Generic Malware
PE64
DLL
PE File
VirusTotal
Malware
MachineGuid
Malicious Traffic
Check memory
Checks debugger
buffers extracted
ICMP traffic
unpack itself
2
http://revedanstvy.bid/ - rule_id: 2585
https://aws.amazon.com/
4
revedanstvy.bid(54.197.173.238) - mailcious
aws.amazon.com(13.225.123.73)
54.197.173.238
99.86.203.73
1
http://revedanstvy.bid/
4.4
M
30
ZeroCERT
9829
2021-07-09 09:52
ChromeSetup.exe
8b8070d443edc2583af45f5e831612ae
RAT
Generic Malware
SMTP
KeyLogger
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
malicious URLs
IP Check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
Software
crashed
keylogger
2
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
freegeoip.app(104.21.19.200)
checkip.dyndns.org(162.88.193.70)
216.146.43.71
172.67.188.154
14.4
19
ZeroCERT
9830
2021-07-09 09:54
Avi.exe
73831e1d30a74a49e0d5c5e8702fccd8
PWS
.NET framework
RAT
Generic Malware
Admin Tool (Sysinternals etc ...)
.NET EXE
PE32
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
1.6
18
ZeroCERT
9831
2021-07-09 09:58
79.exe
731200bd0f325601f10165da3acd050c
PE32
PE File
VirusTotal
Malware
AutoRuns
unpack itself
Auto service
Check virtual network interfaces
sandbox evasion
Windows
DNS
1
31.44.184.79
4.8
22
ZeroCERT
9832
2021-07-09 09:58
conhosts.exe
caef2cf45e5f00b554a5847de4096408
RAT
Gen2
Emotet
Gen1
PWS
.NET framework
Generic Malware
NSIS
Admin Tool (Sysinternals etc ...)
Anti_VM
UPX
KeyLogger
ScreenShot
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
OS Processor Check
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
malicious URLs
installed browsers check
Windows
Browser
Cryptographic key
crashed
10.0
23
ZeroCERT
9833
2021-07-09 09:59
lv.exe
036bee46548f543c263666d864125a60
NPKI
Ficker Stealer
Gen1
Gen2
Malicious Library
UPX
PE32
PE File
DLL
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
DNS
2
XnsXqNhtFOOIkJwpJXvSgU.XnsXqNhtFOOIkJwpJXvSgU()
172.67.188.154
6.8
31
ZeroCERT
9834
2021-07-09 10:00
search.exe
5662b035afe1d5d0673378cae8c3a963
Raccoon Stealer
Malicious Library
PE32
OS Processor Check
PE File
PDB
unpack itself
Windows
Remote Code Execution
crashed
2.0
ZeroCERT
9835
2021-07-09 10:01
08.jpg
ed1921467f6784af6bdca40a06a541b5
DNS
Socket
ScreenShot
AntiDebug
AntiVM
PE32
OS Processor Check
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
Buffer PE
PDB
MachineGuid
Code Injection
Malicious Traffic
Check memory
buffers extracted
ICMP traffic
unpack itself
Collect installed applications
Check virtual network interfaces
suspicious process
suspicious TLD
sandbox evasion
anti-virtualization
IP Check
installed browsers check
Ransomware
Browser
ComputerName
Software
4
http://srand04rf.ru/7hfjsdfjks.exe
http://api.ipify.org/?format=xml
http://api.ipify.org/
http://sudepallon.com/8/forum.php
8
sudepallon.com(77.222.42.67)
pospvisis.com(95.213.179.67) - mailcious
api.ipify.org(23.21.173.155)
srand04rf.ru(8.211.241.0) - malware
8.211.241.0 - malware
54.235.190.106
95.213.179.67
77.222.42.67 - mailcious
16.4
20
ZeroCERT
9836
2021-07-09 10:01
microF.exe
edaf5a29b05f9205678bf6df8417541c
PWS
.NET framework
RAT
Generic Malware
Malicious Packer
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
AppData folder
WriteConsoleW
IP Check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
Software
crashed
keylogger
2
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
freegeoip.app(104.21.19.200)
checkip.dyndns.org(216.146.43.71)
131.186.113.70
172.67.188.154
15.8
18
ZeroCERT
9837
2021-07-09 10:02
lv.exe
1a784d7b62002cba21a58bdaaa93ab5f
Raccoon Stealer
Gen1
Gen2
Malicious Library
PE32
PE File
OS Processor Check
DLL
VirusTotal
Malware
Check memory
Creates executable files
unpack itself
AppData folder
Windows
crashed
3.6
43
ZeroCERT
9838
2021-07-09 10:06
91.exe
25bb9a2a3c1135afc92346448cf84955
PE32
PE File
VirusTotal
Malware
AutoRuns
ICMP traffic
unpack itself
Auto service
Check virtual network interfaces
sandbox evasion
Windows
DNS
1
31.44.184.91
5.6
22
ZeroCERT
9839
2021-07-09 10:06
index.jar
a53c10a1311d5e77559b0d3a23e24488
VirusTotal
Malware
Check memory
heapspray
unpack itself
Java
2.0
9
ZeroCERT
9840
2021-07-09 10:06
vbc.exe
082d045207256efb0f058cccfab15329
Generic Malware
Admin Tool (Sysinternals etc ...)
.NET EXE
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
crashed
2.2
28
ZeroCERT
Total : 48,197cnts