Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
14341
2023-03-22 10:28
handdiy_4.exe
802e1974c79084d3b80ce713a54929aa
AgentTesla
Gen2
Trojan_PWS_Stealer
browser
info stealer
Credential
User Data
Generic Malware
Google
Chrome
Downloader
UPX
Malicious Library
SQLite Cookie
Malicious Packer
Create Service
DGA
Socket
ScreenShot
DNS
BitCoin
Internet API
Code injecti
Browser Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Checks debugger
WMI
Creates executable files
ICMP traffic
exploit crash
unpack itself
Windows utilities
suspicious process
malicious URLs
suspicious TLD
WriteConsoleW
installed browsers check
Tofsee
Windows
Exploit
Browser
ComputerName
Remote Code Execution
DNS
crashed
1
https://www.ippfinfo.top/
4
iplogger.org(148.251.234.83) - malicious
www.ippfinfo.top(178.18.252.110)
148.251.234.83
178.18.252.110
5
ET DNS Query to a *.top domain - Likely Hostile
ET POLICY IP Check Domain (iplogger .org in DNS Lookup)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
ET POLICY IP Check Domain (iplogger .org in TLS SNI)
11.6
M
57
ZeroCERT
14342
2023-03-22 10:25
file.zip
bbcf3b4e597001a89d6a95ded6009ef0
ZIP Format
VirusTotal
Malware
0.6
11
ZeroCERT
14343
2023-03-22 10:17
vbc.exe
f99d5a071e38ed4add47c1d47f657422
PWS
.NET framework
.NET EXE
PE32
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
crashed
2.6
M
34
ZeroCERT
14344
2023-03-22 10:16
zxcvb.exe
688774feec1cc9685acaece804dc7a26
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.2
M
53
ZeroCERT
14345
2023-03-22 10:16
csrss.exe
6e73708e3d21f04b6f18aa31a68f582e
Generic Malware
UPX
Malicious Library
Antivirus
PE32
PE File
OS Processor Check
DLL
PNG Format
JPEG Format
CHM Format
VirusTotal
Malware
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
Windows
ComputerName
Cryptographic key
crashed
7.0
M
25
ZeroCERT
14346
2023-03-22 10:14
95.exe
86226298f5f7c878323137119929a4c1
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
PDB
unpack itself
1.8
M
23
ZeroCERT
14347
2023-03-22 10:14
vbc.exe
55aca393f1147b8ad1b2abc5a3c255e4
Generic Malware
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
unpack itself
Remote Code Execution
2.4
M
43
ZeroCERT
14348
2023-03-22 10:13
m8ci.exe
d90d42631511b54444b9cc592e5a4aa2
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
1.8
20
ZeroCERT
14349
2023-03-22 10:12
vbc.exe
2414aab964b19e19cb8b57ccc6b3e6c3
PWS
.NET framework
.NET EXE
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.2
39
ZeroCERT
14350
2023-03-22 10:12
EMVSERVER.exe
702681c442d61dc4a9719bd3e377dc17
Malicious Packer
.NET EXE
PE32
PE File
VirusTotal
Malware
Buffer PE
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
human activity check
Windows
ComputerName
DNS
DDNS
2
emvstudio.ddns.net(18.215.158.39) -
18.215.158.39 -
1
ET POLICY DNS Query to DynDNS Domain *.ddns .net
10.4
63
ZeroCERT
14351
2023-03-22 10:11
foto0162.exe
d5ba7e786412f9d686e4377de5caeb8f
Gen1
Emotet
UPX
Malicious Library
CAB
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
AutoRuns
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
unpack itself
Disables Windows Security
Collect installed applications
AntiVM_Disk
VM Disk Size Check
installed browsers check
Windows
Update
Browser
ComputerName
Remote Code Execution
DNS
Cryptographic key
Software
crashed
1
193.233.20.31 -
10.4
ZeroCERT
14352
2023-03-22 10:09
vbc.exe
eaa6fde6d2070d0a187fdb2b86918216
UPX
Malicious Library
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
MachineGuid
Check memory
Creates executable files
unpack itself
installed browsers check
Browser
Email
ComputerName
DNS
Software
1
http://208.67.105.148/milito/five/fre.php
1
208.67.105.148 -
8.0
27
ZeroCERT
14353
2023-03-22 10:08
vbc.exe
d064bfcbf2eeffb0dd746daeb03a7208
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
PDB
unpack itself
2.0
34
ZeroCERT
14354
2023-03-22 10:07
information.txt.ps1
be800de1da1616a9df4556f400d39ac6
Generic Malware
Antivirus
VirusTotal
Malware
Check memory
unpack itself
WriteConsoleW
Windows
Cryptographic key
1
https://theemirateshills.com//wp-includes/js/moos2.png
1.8
20
ZeroCERT
14355
2023-03-22 05:18
zxcvb.exe
688774feec1cc9685acaece804dc7a26
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.2
53
eDu
Total : 49,444cnts