Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9841
2021-07-09 10:06
EXCEL.exe
06b4abe10cbb4e3b692fd7c15f973228
RAT
Generic Malware
SMTP
KeyLogger
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Code Injection
Malicious Traffic
Checks debugger
buffers extracted
exploit crash
unpack itself
Check virtual network interfaces
malicious URLs
IP Check
Windows
Exploit
Browser
Email
DNS
Cryptographic key
DDNS
Software
crashed
keylogger
2
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
freegeoip.app(172.67.188.154)
checkip.dyndns.org(216.146.43.70)
131.186.161.70
104.21.19.200
16.0
26
ZeroCERT
9842
2021-07-09 10:06
efryses.jpg
c2600528c452e288a545c35659f9ce6f
Generic Malware
PE32
PE File
VirusTotal
Malware
RWX flags setting
unpack itself
1.6
21
ZeroCERT
9843
2021-07-09 10:07
0708_774843085327.doc
e3fabc8664be96065e15660c2d01f88f
VBA_macro
MSOffice File
OS Processor Check
unpack itself
1.6
ZeroCERT
9844
2021-07-09 10:07
rdpa.exe
08a384b9655fb403506ef9a621d2fa01
RAT
NPKI
Generic Malware
Antivirus
PE64
PE File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
Windows
ComputerName
DNS
Cryptographic key
1
172.67.188.154
7.8
15
ZeroCERT
9845
2021-07-09 10:10
autosubplayer.exe
db8b969c3ea8fc4bee3426413300cc1c
PE32
PE File
DLL
Check memory
Creates executable files
unpack itself
AppData folder
2.0
ZeroCERT
9846
2021-07-09 10:13
.svchost.exe
77389d92d36d1bb5812705758a926541
Generic Malware
PE32
PE File
VirusTotal
Malware
RWX flags setting
unpack itself
DNS
1
104.21.19.200
2.2
26
ZeroCERT
9847
2021-07-09 10:14
ConsoleApp131.exe
2d5b3a4197f716b1600e32a3cbfa7b1e
AgentTesla
RAT
browser
info stealer
Generic Malware
Google
Chrome
User Data
Antivirus
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Downloader
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
keylogger
2
freightmgmt.duckdns.org(194.5.98.207) - mailcious
194.5.98.207 - mailcious
16.8
20
ZeroCERT
9848
2021-07-09 10:27
vbc.exe
ead27a4a9505a3008c0e7c93f92c4a16
Raccoon Stealer
Malicious Library
PE32
OS Processor Check
PE File
VirusTotal
Malware
PDB
unpack itself
Windows
Remote Code Execution
crashed
3.0
34
ZeroCERT
9849
2021-07-09 10:38
zupiwor.pdf
cc4ad8222b80e535506785ae1b6b6c30
PDF Suspicious Link
PDF
unpack itself
0.4
ZeroCERT
9850
2021-07-09 18:11
92375234.xml.html
71999a9d2f15e164c9b1fa926aa6444b
AntiDebug
AntiVM
VirusTotal
Malware
Code Injection
RWX flags setting
unpack itself
Windows utilities
Windows
2.6
2
ZeroCERT
9851
2021-07-09 18:12
08.jpg.exe
ed1921467f6784af6bdca40a06a541b5
hancitor
PE32
OS Processor Check
PE File
VirusTotal
Malware
PDB
Malicious Traffic
buffers extracted
unpack itself
Check virtual network interfaces
IP Check
ComputerName
3
http://api.ipify.org/
http://sudepallon.com/8/forum.php - rule_id: 2599
http://sudepallon.com/8/forum.php
4
sudepallon.com(77.222.42.67)
api.ipify.org(50.16.218.217)
50.16.246.238
77.222.42.67 - mailcious
1
http://sudepallon.com/8/forum.php
4.6
20
ZeroCERT
9852
2021-07-09 18:15
FL_6110_32_75_21.exe
e5db377ee4548b89587bedc9fa5cd61a
RAT
Generic Malware
SMTP
KeyLogger
PDF
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
malicious URLs
VMware
IP Check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
Software
crashed
keylogger
2
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
freegeoip.app(172.67.188.154)
checkip.dyndns.org(216.146.43.70)
216.146.43.70 - suspicious
104.21.19.200
15.0
30
ZeroCERT
9853
2021-07-09 18:16
lv.exe
f2050093cc7b7a5d09f4c095e8314f0a
Gen1
Gen2
UPX
Malicious Library
PE32
PE File
DLL
OS Processor Check
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
crashed
1
XKFhzuZwJRKmcLvfCrjxqTMmX.XKFhzuZwJRKmcLvfCrjxqTMmX()
7.4
32
ZeroCERT
9854
2021-07-09 18:17
PL_010_770_263_217.exe
ae19017fd05fc34bdf3f3be6e9ab0565
RAT
Generic Malware
PDF
.NET EXE
PE32
PE File
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
crashed
6.0
24
ZeroCERT
9855
2021-07-09 18:18
ETL_013265_601_0278.exe
d48f9d5b95cf67894226d72c3333bd98
PWS
.NET framework
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
malicious URLs
VMware
IP Check
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
Software
crashed
keylogger
2
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
freegeoip.app(104.21.19.200)
checkip.dyndns.org(216.146.43.70)
172.67.188.154
131.186.161.70
14.8
26
ZeroCERT
Total : 48,197cnts