Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
10786
2023-08-11 16:18
soft.exe
4e8f34a4c631073808c74481f456e357
Generic Malware
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
VirusTotal
Malware
crashed
1.4
51
ZeroCERT
10787
2023-08-11 16:15
twilighttwilight.hta
163b7346917aa5936bac2b3cb67df947
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.2
16
ZeroCERT
10788
2023-08-11 16:15
EpilogStrongyls.exe
fc44d05db7c9bc9dcebef7e3a5b96d4c
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Remote Code Execution
2.2
M
40
ZeroCERT
10789
2023-08-11 16:13
build32.exe
902b8b84ab8e77279f06d1fa4bb769a3
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Remote Code Execution
2.2
M
46
ZeroCERT
10790
2023-08-11 16:13
msedge.exe
50e0bef8c8ea8ffab979360ed54e7890
Admin Tool (Sysinternals etc ...)
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.6
33
ZeroCERT
10791
2023-08-11 16:10
Install Updater (win-stable)-c...
f1c8a94d79296f81464b3ebd5c84450e
Generic Malware
GIF Format
Email Client Info Stealer
Creates shortcut
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Email
1
https://irenosolutions.com/wp-content/uploads/wpcode/cache/twilighttwilight.hta
1.6
ZeroCERT
10792
2023-08-11 11:00
local-upd.url
d4b9ce4e681d712ad2e0e39fdcbd6c6a
AntiDebug
AntiVM
MSOffice File
Malware
Code Injection
Malicious Traffic
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3
http://94.156.6.203/Downloads
http://94.156.6.203/
http://94.156.6.203/Downloads/local-update-ver104.215.51.exe
1
94.156.6.203 - mailcious
4.2
guest
10793
2023-08-11 11:00
drop-updater.lnk
8e13f86d6f5f82200ac569d1c3d2e9ca
Generic Malware
Antivirus
AntiDebug
AntiVM
GIF Format
VirusTotal
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
1
https://www.redconsultora.com/campus/portfolio/relaxation.hta
4.8
13
guest
10794
2023-08-11 09:44
wis2war.vbs
72fab82acb233fa5b2d7aeb5cecf14bb
Hide_EXE
Anti_VM
PE File
VirusTotal
Malware
VBScript
AutoRuns
WMI
wscript.exe payload download
Creates executable files
unpack itself
AntiVM_Disk
IP Check
VM Disk Size Check
Windows
ComputerName
DNS
DDNS
crashed
Dropper
2
http://ip-api.com/json/
http://chongmei33.publicvm.com:7045/is-ready
4
chongmei33.publicvm.com(103.47.144.15) - mailcious
ip-api.com(208.95.112.1)
103.47.144.15
208.95.112.1
10.0
30
ZeroCERT
10795
2023-08-11 09:41
getReasonData.exe
39a3b5a48178b860ba3c69dfa191e974
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
AutoRuns
Windows
1.6
M
38
ZeroCERT
10796
2023-08-11 09:41
IFB.vbs
ec8dee0c18ddbd51ba9b3f3da9b3ee5f
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855
http://94.156.161.167/tl/izs45.txt
3
uploaddeimagens.com.br(172.67.215.45) - malware
121.254.136.27
104.21.45.138 - malware
9.4
6
ZeroCERT
10797
2023-08-11 09:41
azzo.vbs
d3a9ae0de027a95f8cd5f176e62f76af
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.4
14
ZeroCERT
10798
2023-08-11 09:39
ss.vbs
aa006b14ff4ae7b4499ac250b9370f66
Generic Malware
Antivirus
Hide_URL
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
3
http://apps.identrust.com/roots/dstrootcax3.p7c
https://uploaddeimagens.com.br/images/004/563/621/original/universo_vbs.jpeg?1690931855
https://yorkrefrigerent.md/public/sass/vn/ifrdhf.txt
3
uploaddeimagens.com.br(172.67.215.45) - malware
121.254.136.27
172.67.215.45 - malware
8.8
2
ZeroCERT
10799
2023-08-11 09:39
bkop.vbs
0706d45218e9831bd7caccef79b6425d
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
6.0
21
ZeroCERT
10800
2023-08-11 09:01
koob7.doc
22a53781e8ed2786f7151db1d50cf9c1
GuLoader
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
unpack itself
Exploit
DNS
crashed
3
http://geoplugin.net/json.gp
http://64.188.25.4/ASfZgs135.bin - rule_id: 35745
http://194.55.224.13/_errorpages/koob7.exe
5
geoplugin.net(178.237.33.50)
178.237.33.50
64.188.25.4 - mailcious
69.61.42.27 - mailcious
194.55.224.13 - malware
1
http://64.188.25.4/ASfZgs135.bin
4.6
M
31
ZeroCERT
Total : 49,422cnts