No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
11881
2021-08-30 21:16
sureboizx.exe
cc330b4889b6bbe91a46aad22393351d
PWS
.NET framework
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
Cryptographic key
crashed
8.4
M
19
ZeroCERT
11882
2021-08-30 21:17
481366c6492a12aaff76c6b24dede5...
f378cc2c89fcba199ec4ee04aa47301c
Malicious Library
PE File
OS Processor Check
PE32
VirusTotal
Malware
Check memory
Windows
crashed
2.4
M
40
ZeroCERT
11883
2021-08-30 21:18
goodjob.exe
a12c7a38bc470a3480553aaa77789cdb
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
1.8
25
ZeroCERT
11884
2021-08-30 21:21
290821.exe
4adaa4244825529c76c2577efb57a760
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
2.0
M
37
ZeroCERT
11885
2021-08-30 21:23
vbc.exe
2ddadd9af7d0931c46a8633f3aec0a74
PWS
.NET framework
Generic Malware
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
4.8
M
27
ZeroCERT
11886
2021-08-30 21:25
file17.exe
972a77c01838d42b89055540447e8571
Generic Malware
Malicious Library
PE File
.NET EXE
PE32
VirusTotal
Malware
0.8
M
26
ZeroCERT
11887
2021-08-31 07:53
loligang.mpsl
912f7433e1a4473f5f2340f7c9cb2e9b
AntiDebug
AntiVM
ELF
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
AntiVM_Disk
VM Disk Size Check
installed browsers check
Browser
Email
ComputerName
4.8
36
ZeroCERT
11888
2021-08-31 07:55
XKO.exe
88d2bdf5cfaa08a0ba1013937bec828d
Generic Malware
DNS
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
DNS
DDNS
2
xp18.ddns.net(103.133.111.221) - mailcious
103.133.111.221
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
14.0
M
23
ZeroCERT
11889
2021-08-31 07:58
HBN.exe
8a357646914df95fc52940a046e4012d
Generic Malware
DNS
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Malware download
Nanocore
VirusTotal
Malware
c&c
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
DNS
DDNS
2
godisgood1.hopto.org(103.156.91.208) - mailcious
103.156.91.208
2
ET POLICY DNS Query to DynDNS Domain *.hopto .org
ET MALWARE Possible NanoCore C2 60B
13.0
M
25
ZeroCERT
11890
2021-08-31 07:58
AXC.exe
75fc478585b12d3a8f0216b1b28c6944
UPX
PE File
PE32
Malware download
VirusTotal
Malware
AutoRuns
Malicious Traffic
Check memory
RWX flags setting
unpack itself
suspicious process
anti-virtualization
Windows
DNS
keylogger
3
swryijgrvcsgkopnmcdertvgdswbvmophtfdczxs.ydns.eu(78.129.249.105) - mailcious
78.129.249.105 - mailcious
103.133.111.149 - malware
1
ET MALWARE Generic .bin download from Dotted Quad
9.6
M
20
ZeroCERT
11891
2021-08-31 09:27
WIN32U.exe
346d98c71732a08053f6e8f87b072209
AgentTesla(IN)
RAT
Generic Malware
Malicious Packer
Malicious Library
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
6.2
M
38
ZeroCERT
11892
2021-08-31 09:27
WIN32T.exe
98c22c74f41003c443c1e26b72e3e1d4
AgentTesla(IN)
RAT
Generic Malware
Malicious Packer
Malicious Library
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
keylogger
6.2
M
36
ZeroCERT
11893
2021-08-31 09:29
WIN32C.exe
eff4f95a7ae8393e96d50e6e8a83b7b3
AgentTesla
RAT
PWS
.NET framework
browser
info stealer
Generic Malware
Google
Chrome
User Data
Socket
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
Internet API
Downloader
persistence
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
DDNS
crashed
2
mrtoby.hopto.org(91.193.75.168) - mailcious
91.193.75.168 - mailcious
1
ET POLICY DNS Query to DynDNS Domain *.hopto .org
9.0
M
44
ZeroCERT
11894
2021-08-31 09:30
WIN32D.exe
78759a928bb2b4939dc057b6634f2aaf
AgentTesla
backdoor
RemcosRAT
browser
info stealer
Google
Chrome
User Data
UPX
Malicious Packer
Malicious Library
DGA
DNS
Socket
Create Service
Sniff Audio
Escalate priviledges
KeyLogger
Code injection
HTTP
Hijack Network
Internet API
FTP
ScreenShot
Http
VirusTotal
Malware
AutoRuns
Code Injection
Check memory
Creates executable files
Windows utilities
malicious URLs
WriteConsoleW
Windows
DNS
DDNS
2
tobi12345.hopto.org(91.193.75.202) - mailcious
91.193.75.202
1
ET POLICY DNS Query to DynDNS Domain *.hopto .org
8.0
M
59
ZeroCERT
11895
2021-08-31 09:32
WARZONE.exe
953055e0715e637ff0f7fe84b126eac9
Generic Malware
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
1
91.193.75.168 - mailcious
10.6
M
52
ZeroCERT
Total : 49,427cnts