Submissions
No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
13321
2023-05-12 09:55
645d8620ab56f.zip
f273ad23fb6109a3d45643dc29084a86
ZIP Format
Malware
Malicious Traffic
NetSupport
Urls (2):
http://geo.netsupportsoftware.com/location/loca.asp
http://89.22.237.94:5222/http://89.22.237.94/fakeurl.htm
Hosts (4):
geo.netsupportsoftware.com(62.172.138.67)
blahadfurtik.com(89.22.237.94) - malicious
89.22.237.94 - malicious
51.142.119.24
IDS (3):
ET INFO NetSupport Remote Admin Checkin
ET INFO NetSupport Remote Admin Response
ET POLICY NetSupport GeoLocation Lookup Request
0.8
ZeroCERT
13322
2023-05-12 09:43
645d85f10366f.zip
e5e14d83b8c78f4ef66ec2fa554ddada
ZIP Format
Malware
Malicious Traffic
NetSupport
Urls (2):
http://geo.netsupportsoftware.com/location/loca.asp
http://89.22.237.94:5222/http://89.22.237.94/fakeurl.htm
Hosts (4):
geo.netsupportsoftware.com(62.172.138.67)
blahadfurtik.com(89.22.237.94) - malicious
89.22.237.94 - malicious
62.172.138.67
IDS (3):
ET INFO NetSupport Remote Admin Checkin
ET POLICY NetSupport GeoLocation Lookup Request
ET INFO NetSupport Remote Admin Response
0.8
ZeroCERT
13323
2023-05-12 09:34
134.exe
7f7d127294ffc58543e0197866ba1371
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.4
M
45
ZeroCERT
13324
2023-05-12 09:32
newbuild.exe
41d09d5600b1b30b656d33553ac71d0d
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.4
M
40
ZeroCERT
13325
2023-05-12 09:30
Lrvoys.js
ce6f4ba124b7e93b1133bb0ee0e7e4e1
Generic Malware
Admin Tool (Sysinternals etc ...)
Antivirus
Hide_URL
AntiDebug
AntiVM
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
Cryptographic key
Urls (1):
http://79.137.248.163/XnQd2bL/GRAI3wuk
6.2
ZeroCERT
13326
2023-05-12 09:29
Cnsx.js
10cb0a754ebcb9f526f7124105d1c1fc
Generic Malware
Antivirus
Hide_URL
AntiDebug
AntiVM
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
Cryptographic key
Urls (1):
http://91.193.43.98/AGvZh8C/WwzssPjfvzF
6.2
ZeroCERT
13327
2023-05-12 09:28
71c95442-4415-4ad2-b550-28ba52...
c21947b75b1bbec904d0d954d5571fce
UPX
Malicious Library
AntiDebug
AntiVM
OS Processor Check
PE File
PE32
VirusTotal
Malware
Buffer PE
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
WriteConsoleW
ComputerName
crashed
7.8
M
43
ZeroCERT
13328
2023-05-12 09:26
pmZdtegi.exe
92188f68cfaf42d02c08fbf7c9b0ab94
PE64
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
1.8
31
ZeroCERT
13329
2023-05-12 09:23
s.exe
61d510bf7f8a1ab8175ea3e97fce511d
UPX
Malicious Library
OS Processor Check
PE File
PE32
PDB
unpack itself
Remote Code Execution
1.2
ZeroCERT
13330
2023-05-12 09:23
setup.exe
c9e2ee39f9899dcbb8b51de798971892
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.4
M
41
ZeroCERT
13331
2023-05-12 09:21
96692826357471468817.bin
fab02f4052aadb65ebe180e58da323b9
Gen1
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Windows utilities
WriteConsoleW
Windows
ComputerName
crashed
3.6
M
49
ZeroCERT
13332
2023-05-12 09:21
RKiDaNx.exe
fe415fe7497faeb1c84614d9a267b2eb
Generic Malware
Suspicious_Script_Bin
UPX
Malicious Library
Antivirus
MZP Format
PE File
PE32
BMP Format
OS Processor Check
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
powershell.exe wrote
suspicious process
AppData folder
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
Windows
ComputerName
Cryptographic key
5.6
M
23
ZeroCERT
13333
2023-05-12 09:19
19458864137650990516.bin
2e942319c47888095b2b892637b0f2d7
Gen1
UPX
Malicious Library
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
Windows utilities
WriteConsoleW
Windows
ComputerName
crashed
3.6
M
46
ZeroCERT
13334
2023-05-12 09:19
upl.ps1
b1a7bf990d3edf74025d84a61c2ecbbb
Generic Malware
Antivirus
PowerShell
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
ComputerName
Cryptographic key
4.4
M
ZeroCERT
13335
2023-05-11 18:50
vbc.exe
c6db01a5743d408fc4f0c37ba58a281f
NSIS
Suspicious_Script_Bin
UPX
Malicious Library
PE File
PE32
DLL
PNG Format
VirusTotal
Malware
AppData folder
1.6
M
31
ZeroCERT
Total : 49,434cnts