Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
12091
2021-09-05 09:01
Tournure.exe
2dbec4adc920592652f560852c828c4a
Generic Malware
Themida Packer
Anti_VM
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Checks Bios
Collect installed applications
Detects VMWare
Check virtual network interfaces
VMware
anti-virtualization
installed browsers check
Tofsee
Windows
Browser
ComputerName
Firmware
DNS
Cryptographic key
Software
crashed
1
https://api.ip.sb/geoip
4
api.ip.sb(104.26.13.31)
45.14.49.28
104.26.13.31
91.193.75.238 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
10.6
22
ZeroCERT
12092
2021-09-05 09:03
reestr.exe
e369a4ae59ce3b82b5ed8054f0597341
PE File
PE32
VirusTotal
Malware
2.0
M
37
ZeroCERT
12093
2021-09-05 09:05
santa.clo
316b8cc927e4a9ad4258fc367873d988
Malicious Library
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.0
M
28
ZeroCERT
12094
2021-09-05 15:23
210820082.exe
aa9f4e6bb6c363e6384b518aea031016
Generic Malware
Admin Tool (Sysinternals etc ...)
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
5.6
44
Kim.GS
12095
2021-09-05 16:44
82550150ac3397ed391e34aa99d35b...
6c0c5757834168ac9537cd2a85a9ffad
Generic Malware
Malicious Library
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
1.8
M
11
ZeroCERT
12096
2021-09-05 16:46
Abnegating.exe
7c81058bf4838d0d570044981a0c4de5
RAT
PWS
.NET framework
Generic Malware
SMTP
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
Check virtual network interfaces
installed browsers check
Tofsee
Ransomware
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
https://api.ip.sb/geoip
3
api.ip.sb(104.26.12.31)
172.67.75.172 - mailcious
45.147.228.207
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
14.2
M
38
ZeroCERT
12097
2021-09-05 16:47
httpd.exe
0fa802e8a7eafd690f71460f97be0140
Emotet
Gen2
Gen1
Generic Malware
Malicious Library
UPX
Malicious Packer
Downloader
DNS
Socket
Create Service
BitCoin
Escalate priviledges
KeyLogger
Code injection
AntiDebug
AntiVM
PE File
OS Processor Check
PE32
PE64
DLL
VirusTotal
Cryptocurrency Miner
Malware
Cryptocurrency
AutoRuns
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
Windows utilities
Auto service
Check virtual network interfaces
suspicious process
malicious URLs
AntiVM_Disk
suspicious TLD
WriteConsoleW
VM Disk Size Check
Windows
ComputerName
Firmware
DNS
3
http://down.fuck-jp.ru/redis-server.exe
http://api.fuck-jp.ru/run64.txt
http://api.fuck-jp.ru/url64.txt
6
down.fuck-jp.ru(104.21.5.45) - malware
pool.fuck-jp.ru(185.144.31.44)
api.fuck-jp.ru(172.67.132.245)
172.67.132.245 - malware
45.147.228.207
185.144.31.44
2
ET POLICY PE EXE or DLL Windows file download HTTP
ET POLICY Cryptocurrency Miner Checkin
10.6
M
33
ZeroCERT
12098
2021-09-05 16:48
5674d7511aa1fce0a68969dc57375b...
627b9922c12fa0d1158a61b52a807028
Generic Malware
Malicious Library
PE File
OS Processor Check
PE32
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
DNS
1
185.144.31.44
2.4
M
14
ZeroCERT
12099
2021-09-05 16:53
redis-server.exe
28fed6fd70691d410de60a57d590b549
Generic Malware
UPX
Malicious Library
Malicious Packer
PE File
PE64
OS Processor Check
VirusTotal
Malware
unpack itself
ComputerName
1.6
36
ZeroCERT
12100
2021-09-06 08:14
winner.jpg
62599714704819263c9eb56fb5ee7963
Generic Malware
PE File
.NET DLL
DLL
PE32
VirusTotal
Malware
PDB
1.2
11
ZeroCERT
12101
2021-09-06 08:16
ann.exe
ab554a6a408e86cc9a0332dc9eecc186
Worm
Phorpiex
Malicious Library
Malicious Packer
PE File
OS Processor Check
PE32
VirusTotal
Malware
Check memory
unpack itself
sandbox evasion
2.0
8
ZeroCERT
12102
2021-09-06 08:16
clip.exe
0f41234ce843d72a64c622ed1a7a8cb0
Malicious Library
PE File
PE32
VirusTotal
Malware
AutoRuns
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
3.8
16
ZeroCERT
12103
2021-09-06 08:19
LunaSA.exe
e835d35349d0dd69dc96a5f67b937caf
RAT
Generic Malware
PE File
OS Processor Check
.NET EXE
PE32
Browser Info Stealer
VirusTotal
Malware
MachineGuid
Malicious Traffic
Check memory
Checks debugger
WMI
unpack itself
Checks Bios
Detects VirtualBox
Check virtual network interfaces
VMware
anti-virtualization
IP Check
Tofsee
Browser
ComputerName
Software
crashed
3
http://ip-api.com//json/175.208.134.150
https://ip4.seeip.org/
https://discord.com/api/webhooks/883326477058322432/IXZLhaSxLX1AF91879NsCIngdIsdSS1jfKadTr2S5yvi7fyakjNiWsb46ZXZWAKSxguX
6
ip4.seeip.org(23.128.64.141)
discord.com(162.159.138.232) - mailcious
ip-api.com(208.95.112.1)
162.159.128.233
23.128.64.141
208.95.112.1
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET POLICY External IP Lookup ip-api.com
8.4
40
ZeroCERT
12104
2021-09-06 08:21
faster4upusa.exe
9eff1fa203474d2c90d490415fd380c9
PE File
PE64
crashed
0.8
ZeroCERT
12105
2021-09-06 08:32
bypass.txt.ps1
9a5efb3abce6346200b089761fff1688
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.4
M
1
ZeroCERT
Total : 49,427cnts