Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
10816
2021-08-03 09:40
Манифест.docx
224cb9048f8743986b552d04f9e804cd
VirusTotal
Malware
RWX flags setting
unpack itself
1
https://cloud-documents.com/doc/t.php?action=load_document
1
cloud-documents.com()
2.2
15
ZeroCERT
10817
2021-08-03 09:43
Tani_Khan_Matrimonial_profile_...
578d9f0ced02ee2f03ad3484628671d7
Gen2
Antivirus
Malicious Packer
UPX
Malicious Library
PE File
OS Processor Check
PE32
JPEG Format
VirusTotal
Malware
Check memory
Creates executable files
ICMP traffic
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
6.0
34
ZeroCERT
10818
2021-08-03 10:02
PURCHASE ORDER AZAS112.xls.xll
4ebc548df517cae4c7e3122e9c75ede6
Generic Malware
UPX
Malicious Library
PE64
PE File
OS Processor Check
DLL
VirusTotal
Malware
PDB
Remote Code Execution
1.8
21
ZeroCERT
10819
2021-08-03 10:04
RFQ 6020943651-FOR-ATENS.xls.x...
2344d5013ae84f4d70bf359575fba402
Generic Malware
UPX
Malicious Library
PE64
PE File
OS Processor Check
DLL
VirusTotal
Malware
PDB
Remote Code Execution
1.8
22
ZeroCERT
10820
2021-08-03 10:16
content.dotm
23a471d956410bc80dc0cabc006252f6
VBA_macro
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
WriteConsoleW
Tofsee
ComputerName
2
donattelli.com(185.92.244.225) - malware
185.92.244.225 - malware
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
5.0
M
35
guest
10821
2021-08-03 14:16
BIO.dotm
3a4eade28ea08955d0bb0b271ae55e64
NPKI
VBA_macro
Antivirus
AntiDebug
AntiVM
Malware
powershell
Malicious Traffic
buffers extracted
2
http://zenma.getenjoyment.net/ja/ng.txt
http://zenma.getenjoyment.net/ja/post.php
2
zenma.getenjoyment.net(185.176.43.106)
185.176.43.106 - malware
2
ET INFO PowerShell Hidden Window Command Common In Powershell Stagers M1
ET INFO PowerShell DownloadString Command Common In Powershell Stagers
2.4
ZeroCERT
10822
2021-08-03 16:45
.csrss.exe
cf8578217a8efa9e045f620846fb5489
PWS
.NET framework
Generic Malware
UPX
Admin Tool (Sysinternals etc ...)
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.2
16
ZeroCERT
10823
2021-08-03 16:45
93d.exe
44b5b0e03c6a04882c3c38d2a8b4fbb6
PWS
.NET framework
RAT
Generic Malware
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
ComputerName
3.0
21
ZeroCERT
10824
2021-08-03 16:47
vbc.exe
93e2f546bad5cebfec66e8edcf39cf31
Generic Malware
Malicious Library
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
9.8
19
ZeroCERT
10825
2021-08-03 16:48
MSVCR100.dll
ec44a1e0f5af1c4bd3f308ff1b3fc879
UPX
Malicious Library
MSOffice File
PE File
OS Processor Check
DLL
PE32
VirusTotal
Malware
Check memory
Checks debugger
Creates executable files
unpack itself
ComputerName
crashed
3.8
38
ZeroCERT
10826
2021-08-03 16:48
HSE2021.exe
a20ea13c632f648a98287c3c24439690
Generic Malware
Admin Tool (Sysinternals etc ...)
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
8.2
M
ZeroCERT
10827
2021-08-03 16:50
.audiodg.exe
2dd7ff2599b0cdcbe4645b80adad4163
PWS
.NET framework
Generic Malware
UPX
Admin Tool (Sysinternals etc ...)
PE File
.NET EXE
PE32
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.2
M
17
ZeroCERT
10828
2021-08-03 16:50
forvt.ps1
e2db114091591696b9513ab615ffcccb
Antivirus
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
Cryptographic key
5.6
ZeroCERT
10829
2021-08-03 16:53
BTC PAYMENTSCOPY______________...
d5d26738ed73d191556fc5640b43ed39
PWS
.NET framework
RAT
Generic Malware
UPX
Malicious Library
PE File
OS Processor Check
PE32
.NET EXE
VirusTotal
Email Client Info Stealer
Malware
MachineGuid
Check memory
Checks debugger
Creates executable files
RWX flags setting
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Email
ComputerName
crashed
2
mail.sabaint.me(185.239.243.112)
185.239.243.112 - malware
1
SURICATA Applayer Detect protocol only one direction
5.8
27
ZeroCERT
10830
2021-08-03 16:54
7f1f7c5c4b6b486e5ba93409440362...
7f1f7c5c4b6b486e5ba9340944036285
VBA_macro
MSOffice File
VirusTotal
Malware
unpack itself
2.4
25
ZeroCERT
Total : 49,427cnts