No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
10246
2023-07-17 16:44
sp.exe
bcaf6001ab90614008b635fc7dcfe7bf
UPX
Malicious Library
MZP Format
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
2.4
M
25
ZeroCERT
10247
2023-07-17 16:43
NvProfileUpdate.exe
15eb8ad14a87788df162588c878c6789
UPX
Malicious Library
AntiDebug
AntiVM
OS Processor Check
PE File
PE32
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
Buffer PE
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Collect installed applications
installed browsers check
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
135.181.205.149 - malicious
3
ET MALWARE RedLine Stealer TCP CnC net.tcp Init
ET MALWARE Redline Stealer TCP CnC Activity
ET MALWARE Redline Stealer TCP CnC - Id1Response
12.6
M
33
ZeroCERT
10248
2023-07-17 16:42
skx111.exe
5aaa271e450f4be6a269af69aefb2768
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
2.2
M
43
ZeroCERT
10249
2023-07-17 16:41
WhiteCrypt (1).exe
e168038ddb8d3f31511af2dc0d5c4f04
RedLine Infostealer
UltraVNC
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
PDB
suspicious privilege
Check memory
Checks debugger
WMI
unpack itself
anti-virtualization
Windows
ComputerName
Cryptographic key
crashed
5.2
M
28
ZeroCERT
10250
2023-07-17 16:39
csrssfs.exe
4b26c5d77671cf27c5985bc4435f8c44
UPX
Malicious Library
MZP Format
PE File
PE32
VirusTotal
Malware
RWX flags setting
unpack itself
2.2
M
16
ZeroCERT
10251
2023-07-17 16:39
dwmfs.exe
3e95261aa13150799f0146b58e080ec7
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
2.0
M
31
ZeroCERT
10252
2023-07-17 16:34
57BC9B7E.Png.ps1
d88a9237dd21653ebb155b035aa9a33c
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
1.4
M
26
ZeroCERT
10253
2023-07-17 16:32
2E0ECB2F.Png
f725bab929df4fe2626849ba269b7fcb
Malicious Library
CAB
MSOffice File
VirusTotal
Malware
1.2
M
44
ZeroCERT
10254
2023-07-17 15:49
...............dot
d553bd422c8d3621e21049ccc2ebe680
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
exploit crash
Exploit
DNS
crashed
1
103.125.191.125 - malware
3.8
M
40
ZeroCERT
10255
2023-07-17 15:42
cmsh.hta
3c38f1318767a3b84a619187e7e78646
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
Cryptographic key
7.0
5
ZeroCERT
10256
2023-07-17 15:41
IE_NET.hta
ab46abca955700f1d0f904cda6442b7c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Tofsee
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
8.2
5
ZeroCERT
10257
2023-07-17 13:33
wind.exe
5af410f004c467ec40f00a34b3d9a49f
NSIS
UPX
Malicious Library
PE File
PE32
OS Processor Check
DLL
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
AutoRuns
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
Check virtual network interfaces
AppData folder
IP Check
Tofsee
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
2
api.ipify.org(173.231.16.76)
104.237.62.211
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.6
M
50
ZeroCERT
10258
2023-07-17 13:30
setup.exe
188332f8d229131789a0b760aec2dd91
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
DNS
1
24.199.83.51 - malware
2.8
M
46
ZeroCERT
10259
2023-07-17 13:29
toolspub2.exe
edc5c89d57bb84111b66780dc7d7fc27
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
2.2
M
44
ZeroCERT
10260
2023-07-17 13:28
userinit2.exe
b270508a8a3eb5dfe22df76f3cf59f3f
.NET framework(MSIL)
Malicious Packer
.NET EXE
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Windows
DNS
Cryptographic key
1
24.199.83.51 - malware
3.6
M
44
ZeroCERT
Total : 48,199cnts