Submissions
No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
9946
2021-07-13 09:43
promise.exe
d456785831584055bd3c9c9fd0b4670d
PWS
.NET framework
RAT
Generic Malware
Admin Tool (Sysinternals etc ...)
PE File
PE32
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.8
16
ZeroCERT
9947
2021-07-13 09:43
can.exe
ebb56a6e94862c64dd204246376819f8
Generic Malware
Admin Tool (Sysinternals etc ...)
PE File
PE32
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
25
ZeroCERT
9948
2021-07-13 09:45
newApps.exe
1d3ee4783ce7a30a7fd422f5abe7ba25
NPKI
Generic Malware
Antivirus
PE64
PE File
PE32
DLL
.NET DLL
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
8.6
36
ZeroCERT
9949
2021-07-13 09:47
3loyaSLADo1ZNLp.exe
6446daba47a6a46d3f10a1c3504223d0
Generic Malware
PE File
PE32
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
crashed
2.6
41
ZeroCERT
9950
2021-07-13 09:50
myfile.exe
c7364193b982c090d8426630dab87226
RedLine Stealer
Admin Tool (Sysinternals etc ...)
Code injection
ScreenShot
persistence
AntiDebug
AntiVM
PE File
PE32
DLL
OS Processor Check
VirusTotal
Malware
Buffer PE
PDB
Code Injection
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
Remote Code Execution
8.6
24
ZeroCERT
9951
2021-07-13 09:51
BIOPASS RAT.exe
eb66dcd416436e0589a4e4db48c6deaf
PE File
PE32
VirusTotal
Malware
Check memory
1.6
35
ZeroCERT
9952
2021-07-13 09:52
merok.exe
53c69feedfd8ecfb3b5d88d051151d21
Malicious Library
PE File
PE32
DLL
VirusTotal
Malware
Check memory
Creates executable files
AppData folder
2.6
28
ZeroCERT
9953
2021-07-13 09:54
backdoor.exe
a905e8ec7c21e72ecec790fab54a114a
PE File
PE32
VirusTotal
Malware
Check memory
DNS
1
1.117.165.236
3.2
34
ZeroCERT
9954
2021-07-13 09:54
9663.exe
de57b50ddeb32383574874af224b2a98
PE64
PE File
OS Processor Check
VirusTotal
Malware
unpack itself
crashed
1.8
30
ZeroCERT
9955
2021-07-13 09:56
file.exe
eb88d83376bb414d84f3242103b351ef
PWS
Loki[b]
Loki[m]
Generic Malware
DNS
Socket
AntiDebug
AntiVM
PE File
PE32
.NET EXE
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
installed browsers check
Browser
Email
ComputerName
DNS
Software
crashed
1
http://185.227.139.18/dsaicosaicasdi.php/ZCV5nbpN4L9rd - rule_id: 2584
1
185.227.139.18 - mailcious
1
http://185.227.139.18/dsaicosaicasdi.php
13.4
M
22
ZeroCERT
9956
2021-07-13 09:58
server.exe
ee759b97c88356e23b04afa427c6cb94
Rebhip
PE32
PE File
MSOffice File
VirusTotal
Malware
RWX flags setting
unpack itself
Disables Windows Security
Windows
crashed
4.2
50
r0d
9957
2021-07-13 10:09
9663.exe
de57b50ddeb32383574874af224b2a98
Generic Malware
PE64
OS Processor Check
PE File
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
1
ford.azureedge.net()
2.6
30
r0d
9958
2021-07-13 10:16
backdoor.exe
a905e8ec7c21e72ecec790fab54a114a
Generic Malware
Malicious Packer
UPX
PE32
PE File
VirusTotal
Malware
Check memory
DNS
1
1.117.165.236
3.2
34
r0d
9959
2021-07-13 10:23
BIOPASS RAT.exe
eb66dcd416436e0589a4e4db48c6deaf
Generic Malware
UPX
PE32
PE File
VirusTotal
Malware
1.4
33
r0d
9960
2021-07-13 10:38
0712_1535841550.doc
116c69c018829ee0342b177523161cd4
VBA_macro
UPX
MSOffice File
OS Processor Check
unpack itself
1.6
guest
Total : 48,198cnts