Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
13636
2023-04-26 09:46
vbc.exe
0dc0089f6a7714e1b17cf85b07ca9231
Generic Malware
Antivirus
SMTP
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
powershell
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
WriteConsoleW
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
13.2
M
35
ZeroCERT
13637
2023-04-26 09:44
Ruzvelt.exe
7d3d3ae76a088f8d9a469d284de0fb05
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
PDB
unpack itself
Remote Code Execution
2.2
M
30
ZeroCERT
13638
2023-04-26 09:44
vbc.exe
e63496b56220eda9ed49225a2bfac1a1
UPX
Admin Tool (Sysinternals etc ...)
.NET EXE
PE32
PE File
VirusTotal
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
Cryptographic key
8.6
34
ZeroCERT
13639
2023-04-26 09:38
B612.wsf
1203925e308bb967984771d3330c9eae
VBScript
wscript.exe payload download
unpack itself
crashed
Dropper
1
http://bristolroofingca.com/zWhP0nv/2 - rule_id: 31084
2
bristolroofingca.com(192.185.98.171) - malware
192.185.98.171 - phishing
1
http://bristolroofingca.com/zWhP0nv/2
10.0
M
ZeroCERT
13640
2023-04-26 09:37
B590.wsf
b589567d30e62fad0a0529662b0207df
VBScript
wscript.exe payload download
Tofsee
crashed
Dropper
1
https://luzharman.ca/mwQvBbW/2
2
luzharman.ca(192.185.79.75) - malware
192.185.79.75 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
10.0
ZeroCERT
13641
2023-04-26 09:30
A745.wsf
c10604f2602d7e85e28fa452cd444930
VBScript
wscript.exe payload download
Tofsee
crashed
Dropper
1
https://luzharman.ca/mwQvBbW/2
2
luzharman.ca(192.185.79.75) - malware
192.185.79.75 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
10.0
ZeroCERT
13642
2023-04-26 09:29
B584.wsf
820327a123eb0f98dcb15bc713d49ecc
unpack itself
crashed
0.6
ZeroCERT
13643
2023-04-26 09:29
Claim_F419.wsf
d40ce5e628bc2fb4df85539432a90fb7
VBScript
wscript.exe payload download
DNS
Dropper
1
http://185.39.18.107/ah5tW8LiTPvoXJ.dat
1
185.39.18.107 - mailcious
10.0
ZeroCERT
13644
2023-04-26 09:15
Claim_E712.wsf
605f0e8f6e2835c4e40b142f2aee3d27
VBScript
wscript.exe payload download
DNS
Dropper
1
http://185.39.18.107/ah5tW8LiTPvoXJ.dat
1
185.39.18.107 - mailcious
10.0
ZeroCERT
13645
2023-04-26 09:15
B568.wsf
72c0803e89d617676fbe8bffed241a4a
VBScript
wscript.exe payload download
unpack itself
Tofsee
crashed
Dropper
1
https://luzharman.ca/mwQvBbW/2
2
luzharman.ca(192.185.79.75) - malware
192.185.79.75 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
10.0
ZeroCERT
13646
2023-04-26 09:15
B569.wsf
3a66ee2e200f89275ac7043dbc2b2831
VBScript
wscript.exe payload download
crashed
Dropper
1
https://izigo.online/abXRb/2
1
izigo.online() - mailcious
10.0
ZeroCERT
13647
2023-04-26 07:43
2
fca51c45c88a92f340faaca0a8e832c8
UPX
Malicious Library
AntiDebug
AntiVM
OS Processor Check
DLL
PE32
PE File
Code Injection
Check memory
Checks debugger
buffers extracted
ICMP traffic
unpack itself
Windows utilities
sandbox evasion
Windows
Browser
ComputerName
Remote Code Execution
2
yahoo.com(98.137.11.164)
98.137.11.163
6.8
ZeroCERT
13648
2023-04-25 18:55
dan.exe
2a531fb5a055bec266f11c721ee3deca
Gen2
Gen1
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
AutoRuns
suspicious privilege
Check memory
AntiVM_Disk
VM Disk Size Check
Windows
Remote Code Execution
DNS
1
156.236.72.163 - malware
4.2
M
57
ZeroCERT
13649
2023-04-25 17:56
mimikatz.exe
29efd64dd3c7fe1e2b022b7ad73a1ba5
Gen2
Generic Malware
UPX
Malicious Packer
PE64
PE File
VirusTotal
Malware
Check memory
WriteConsoleW
1.6
M
60
ZeroCERT
13650
2023-04-25 17:54
mimidrv.sys
3e528207ca374123f63789195a4aedde
UPX
Antivirus
PE64
PE File
VirusTotal
Malware
PDB
1.6
M
55
ZeroCERT
Total : 49,435cnts