Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
10846
2023-08-10 07:47
index.exe
18462ea23f4eb50b95c5c3c30674f26c
UPX
Malicious Library
OS Processor Check
PE File
PE32
PDB
buffers extracted
unpack itself
sandbox evasion
Browser
ComputerName
DNS
1
5.8.18.42 - mailcious
4.4
ZeroCERT
10847
2023-08-10 07:45
hkcmds.exe
e8ea1b6581dc17674bac8ab3202fa6f3
Generic Malware
UPX
Malicious Library
PE File
PE32
DLL
PE64
PNG Format
Check memory
Creates executable files
unpack itself
AppData folder
1.6
M
ZeroCERT
10848
2023-08-10 07:45
mosa.exe
a4068080e979a1fee7bce6baaec0f5f3
.NET framework(MSIL)
.NET EXE
PE File
PE32
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
4.4
M
ZeroCERT
10849
2023-08-09 17:59
rove.exe
0d2ca797bea99d6407c7c947f2156f37
NSIS
Suspicious_Script_Bin
UPX
Malicious Library
PE File
PE32
DLL
VirusTotal
Malware
Check memory
Creates shortcut
Creates executable files
unpack itself
AppData folder
Windows
crashed
4.2
34
ZeroCERT
10850
2023-08-09 17:58
damianozx.exe
a1d1b746da75f6f887ef0f05b04c8d1f
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
5.4
33
ZeroCERT
10851
2023-08-09 17:56
kellyzx.doc
b98806523c4916585df3f414296d0905
MS_RTF_Obfuscation_Objects
RTF File
doc
VirusTotal
Malware
Malicious Traffic
exploit crash
Exploit
DNS
crashed
2
http://194.55.224.15/kelly/five/fre.php
http://2.59.254.18/_errorpages/kellyzx.exe
2
2.59.254.18 - malware
194.55.224.15
4.4
M
29
ZeroCERT
10852
2023-08-09 17:51
importance-x.hta
5ffa9afcf0b8f6f600119cf4c35b5c6c
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
MSOffice File
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
Creates shortcut
RWX flags setting
exploit crash
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Exploit
ComputerName
DNS
Cryptographic key
crashed
9.6
16
ZeroCERT
10853
2023-08-09 17:24
alertzx.exe
4ee46eae1d7757b7bb1892c06fcb2393
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
Browser
Email
ComputerName
Software
crashed
2
smtp.hengshlusa.com(208.91.198.143) -
208.91.199.224 -
11.2
31
ZeroCERT
10854
2023-08-09 17:20
importance-x.hta
5ffa9afcf0b8f6f600119cf4c35b5c6c
VirusTotal
Malware
unpack itself
crashed
1.2
16
ZeroCERT
10855
2023-08-09 17:20
Nepal Relation with European C...
86b57b0ec360f45331fc5e4eb5c99611
AntiDebug
AntiVM
CHM Format
VirusTotal
Malware
AutoRuns
MachineGuid
Code Injection
Check memory
RWX flags setting
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
1
http://daveonenewtestpanel.com/axis/cone.php
4.8
29
ZeroCERT
10856
2023-08-09 17:17
LogonFile.exe
bff3120685dafe9e31206887df290c02
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
VirusTotal
Malware
unpack itself
crashed
1.6
26
ZeroCERT
10857
2023-08-09 17:16
dns.exe
6efabb64de8a8835ebfe9f189fe14bdf
Admin Tool (Sysinternals etc ...)
.NET EXE
PE File
PE32
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
2
i.ibb.co(104.194.8.143) -
104.194.8.120 -
2.2
36
ZeroCERT
10858
2023-08-09 17:15
loader.hta
2c3231b88b767d7d01eefbd05868b3a8
Hide_EXE
Generic Malware
UPX
Malicious Library
Malicious Packer
Http API
PWS
ScreenShot
KeyLogger
AntiDebug
AntiVM
OS Processor Check
DLL
PE64
PE File
VirusTotal
Email Client Info Stealer
Malware
MachineGuid
Code Injection
Check memory
Checks debugger
RWX flags setting
exploit crash
unpack itself
installed browsers check
Windows
Exploit
Browser
Email
Cryptographic key
crashed
5.2
4
ZeroCERT
10859
2023-08-09 17:14
Terminator.sys
21e13f2cb269defeae5e1d09887d47bb
Generic Malware
UPX
Antivirus
OS Processor Check
PE64
PE File
VirusTotal
Malware
PDB
1.0
16
ZeroCERT
10860
2023-08-09 17:13
en-win-upd(localchr).url
f8bf0dddb23f80f69552a2fb661393b5
AntiDebug
AntiVM
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
Windows
ComputerName
DNS
Cryptographic key
4
http://94.156.6.203/Downloads/desktop.ini
http://94.156.6.203/Downloads
http://94.156.6.203/Downloads/revenue-en-local.lnk
http://94.156.6.203/
1
94.156.6.203 -
6.6
ZeroCERT
Total : 49,422cnts