No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
13516
2023-05-04 10:03
Oar.js
e524b5c0bdf43ce16919e7d0f2d4beb9
Generic Malware
Antivirus
AntiDebug
AntiVM
PowerShell
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates shortcut
unpack itself
suspicious process
Windows
ComputerName
Cryptographic key
3
http://172.86.121.196/1dLH/13LjvkIo
http://209.97.158.104/GdLTZQ/ErjzayuJ
http://45.55.38.156/gUKoVsK/fjYAmLL
5.6
ZeroCERT
13517
2023-05-04 10:00
vdcs.exe
5a6929c141164830993b2c604e14a2a2
UPX
Malicious Library
OS Processor Check
PE32
PE File
Check memory
RWX flags setting
unpack itself
anti-virtualization
crashed
2.4
guest
13518
2023-05-04 09:51
bMfk.vbs
93531a051fea874cac3cb8e4fdb84b7f
Generic Malware
Antivirus
PowerShell
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
wscript.exe payload download
Creates shortcut
unpack itself
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
Cryptographic key
2
raw.githubusercontent.com(185.199.108.133) - malware
185.199.108.133 - mailcious
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
6.4
7
ZeroCERT
13519
2023-05-04 09:51
rentfree.dat
80801929519c04513ee47c985feaf19b
UPX
Malicious Library
OS Processor Check
DLL
PE32
PE File
Checks debugger
RWX flags setting
unpack itself
ComputerName
crashed
2.4
M
ZeroCERT
13520
2023-05-04 09:51
fotocr54.exe
6311878ae700ef484c76e9f6be5d78e4
Gen1
Emotet
UPX
Malicious Library
Malicious Packer
CAB
PE32
PE File
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
AutoRuns
PDB
suspicious privilege
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
Disables Windows Security
Collect installed applications
suspicious process
AppData folder
AntiVM_Disk
WriteConsoleW
VM Disk Size Check
installed browsers check
Windows
Update
Browser
ComputerName
Remote Code Execution
DNS
Cryptographic key
Software
crashed
1
http://77.91.124.20/store/games/Plugins/cred64.dll
2
77.91.124.20 - malware
217.196.96.56
15.4
M
ZeroCERT
13521
2023-05-04 09:48
clip64.dll
8451a2c5daa42b25333b1b2089c5ea39
UPX
Admin Tool (Sysinternals etc ...)
Malicious Library
OS Processor Check
DLL
PE32
PE File
VirusTotal
Malware
PDB
Checks debugger
unpack itself
2.0
M
59
ZeroCERT
13522
2023-05-04 09:47
222.exe
4d4212036a589d7836254cacc5ec5e6c
AntiDebug
AntiVM
MSOffice File
Code Injection
ICMP traffic
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
5
camo.githubusercontent.com(185.199.108.133)
fonts.googleapis.com(142.250.206.202)
142.250.66.42
185.199.108.133 - mailcious
172.217.25.10
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
6.0
M
ZeroCERT
13523
2023-05-04 09:45
rentfree.dat
a6e099f81ae62f5de281457d501883ba
UPX
Malicious Library
OS Processor Check
DLL
PE32
PE File
Checks debugger
RWX flags setting
unpack itself
ComputerName
crashed
2.4
ZeroCERT
13524
2023-05-04 01:06
http://criminalip.io
c6b01af9a5caed9d9acada32691fe639
Downloader
Create Service
DGA
Socket
DNS
Hijack Network
Code injection
HTTP
PWS[m]
Sniff Audio
Steal credential
Http API
P2P
Internet API
Escalate priviledges
persistence
FTP
KeyLogger
ScreenShot
AntiDebug
AntiVM
MSOffice File
PNG Format
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
1
http://criminalip.io/
2
criminalip.io(104.22.3.20)
104.22.2.20
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
13525
2023-05-03 17:53
P78.txt.ps1
89e23a789958deaea91d782ad2264588
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1.4
M
5
ZeroCERT
13526
2023-05-03 17:25
main.c47195de.css.fileloc
8166baea86d4829ebbb172b5b949a7c7
AntiDebug
AntiVM
Email Client Info Stealer
suspicious privilege
Checks debugger
Creates shortcut
unpack itself
installed browsers check
Browser
Email
ComputerName
3.4
BRY
13527
2023-05-03 16:09
vpm.dll
9c99486ea32b953883160b8681b37ff7
VMProtect
Malicious Library
DLL
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
RWX flags setting
unpack itself
2.8
18
r0d
13528
2023-05-03 14:32
dropdown.min_ee47ece9d48d13a62...
c379751022a6a6000b6038e50faf5baa
ScreenShot
AntiDebug
AntiVM
Check memory
unpack itself
1.0
BRY
13529
2023-05-03 10:53
TRIBL%20Litepaper_Final%20Draf...
03e29b4c0d409de760ba5397cba8605d
PDF
M
ZeroCERT
13530
2023-05-03 10:01
build.exe
513eeefe11218aa5722526a3adc09193
NPKI
Generic Malware
UPX
Malicious Packer
Malicious Library
OS Processor Check
PE64
PE File
VirusTotal
Malware
crashed
1.4
M
45
ZeroCERT
Total : 49,435cnts