Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1036
2024-08-15 15:30
Application.jar
63bf5a039306926938fb1755e89419ba
ZIP Format
Check memory
heapspray
unpack itself
Java
1.6
ZeroCERT
1037
2024-08-15 15:29
sirMXU3YH.exe
be2991a976897adedd63e73d32de221d
Process Kill
Generic Malware
Malicious Library
FindFirstVolume
CryptGenKey
UPX
PE File
Device_File_Check
PE32
OS Processor Check
Browser Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Browser
Email
ComputerName
crashed
4.6
M
33
ZeroCERT
1038
2024-08-15 15:28
1.ps1
3c43cf2113474c72b9201dd18f375a33
XMRig Miner
Generic Malware
Antivirus
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
powershell
AutoRuns
Malicious Traffic
Check memory
buffers extracted
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
2
http://78.153.140.96/config.json
http://78.153.140.96/xmrig.exe
2
45.136.244.146
78.153.140.96 - mailcious
4
ET INFO Executable Download from dotted-quad Host
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
13.2
M
33
ZeroCERT
1039
2024-08-15 15:27
uneednewthingstogetmebackwithe...
9853bd06615e0b92da339077f6aa9e85
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
RWX flags setting
exploit crash
Tofsee
Exploit
DNS
crashed
1
http://192.3.64.157/205/verynicefruitswithbutterbunheisgood.tIF
3
ia803104.us.archive.org(207.241.232.154) - malware
192.3.64.157 - mailcious
207.241.232.154 - malware
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.6
M
34
ZeroCERT
1040
2024-08-15 15:24
calc.url
7cd9148cc27a55dc66a2d223f161bb54
AntiDebug
AntiVM
URL Format
Code Injection
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3.4
ZeroCERT
1041
2024-08-15 15:22
u.png
ca9e2fafc81b855386aaf7a50906efa4
Generic Malware
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
0.6
6
ZeroCERT
1042
2024-08-15 15:20
b
e744a3ee4380bc4eadddeca8fa99e593
Malicious Library
PE File
DLL
PE64
DllRegisterServer
dll
Malware download
Cobalt Strike
Cobalt
VirusTotal
Malware
Checks debugger
RWX flags setting
unpack itself
ComputerName
DNS
1
http://41.216.183.157:18099/cx
1
41.216.183.157 - malware
2
ET DROP Spamhaus DROP Listed Traffic Inbound group 3
ET MALWARE Cobalt Strike Beacon Observed
3.8
50
ZeroCERT
1043
2024-08-15 11:16
msedge.exe
c2ec3c7d003e11d0db8aab918df1e47a
Generic Malware
UPX
Antivirus
PE File
.NET EXE
PE32
OS Processor Check
Lnk Format
GIF Format
VirusTotal
Malware
powershell
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
suspicious process
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
ComputerName
Cryptographic key
keylogger
7.8
35
ZeroCERT
1044
2024-08-15 11:12
a.exe
299d90fd59dde6708ece0a0f73423997
Generic Malware
PE File
PE64
DllRegisterServer
dll
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
1
120.79.211.9
3.0
23
ZeroCERT
1045
2024-08-15 11:10
s.exe
b43e3cb0e1e8afd9f97b7471d3a15652
Generic Malware
PE File
PE64
VirusTotal
Malware
RWX flags setting
unpack itself
ComputerName
DNS
1
120.79.211.9
3.0
20
ZeroCERT
1046
2024-08-15 11:08
handicap.exe
4cafe5036e12fac84ea750ab09a42a6d
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
VirusTotal
Malware
PDB
0.6
7
ZeroCERT
1047
2024-08-15 11:07
b.exe
01359d7d9ec82b16108b98fb6d31ce22
Generic Malware
PE File
PE64
VirusTotal
Malware
Check memory
1.6
35
ZeroCERT
1048
2024-08-15 10:36
e93629b052f25d25c92a4afaee51cc...
7a799f4f9aa63745a75b901a392aff29
Generic Malware
Malicious Library
UPX
PE File
DLL
PE64
DllRegisterServer
dll
OS Processor Check
VirusTotal
Malware
AutoRuns
PDB
Check memory
Checks debugger
unpack itself
Ransomware
Windows
2.8
8
ZeroCERT
1049
2024-08-14 17:50
uno.ps1
88266488dc0941b4ec3aeb8fcce4af6c
Generic Malware
Antivirus
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
http://64.94.84.206/plug3.ps1
6.6
M
2
ZeroCERT
1050
2024-08-14 17:47
plug3.ps1
b5e93a1c787af8f0bcc1ff99d12722d9
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
3
http://64.94.84.206/extensionreptil2.xpi
http://64.94.84.206/portable.zip
http://64.94.84.206/extension3922.zip
1.4
8
ZeroCERT
Total : 48,199cnts