Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
14416
2023-03-20 09:56
16512243-04d2-4591-82a9-0281c3...
6986f1d3d40626f825b3ebf0415fc54c
.NET EXE
PE32
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
1.8
M
25
ZeroCERT
14417
2023-03-20 09:54
123ds.exe
20b01b94fec9143a2adf624945aa41c3
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
2
66.42.108.195
78.47.226.24
6.2
M
42
ZeroCERT
14418
2023-03-20 09:53
123andy.exe
d4da20f99003446d674869a51d350673
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
207.246.108.255
6.2
M
58
ZeroCERT
14419
2023-03-20 09:51
goland.exe
fc6d40512829e36687854cb0118a5a1e
MPRESS
PE64
PE File
VirusTotal
Malware
Remote Code Execution
crashed
1.8
M
29
ZeroCERT
14420
2023-03-20 09:51
c91d43b8-ec7d-4544-b731-541868...
ca341777340c9f6a7ba878b3e37fcf9c
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
unpack itself
1.8
M
31
ZeroCERT
14421
2023-03-20 09:49
6AfEa8G0W8NOtUh7hqFj
81e7b43089fc2460934c00a12afdbf94
ZIP Format
VirusTotal
Malware
0.8
M
26
ZeroCERT
14422
2023-03-20 09:49
photo_004.exe
d931b4102dbb87a11d2dea1999d292e1
UPX
Malicious Library
PE32
PE File
PDB
unpack itself
1.0
ZeroCERT
14423
2023-03-20 09:47
cockkieeAC.exe
50f31873c5df2e169f1ec5ebab8ba2c3
NPKI
Generic Malware
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
VirusTotal
Malware
crashed
1.0
M
22
ZeroCERT
14424
2023-03-20 09:47
f2f16bc7-e50f-45d2-9d83-c860d5...
f5d957a42f578847664cacb8a4c3d695
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
Check memory
RWX flags setting
unpack itself
anti-virtualization
DNS
crashed
1
185.106.92.104
3.8
M
20
ZeroCERT
14425
2023-03-20 09:45
bdr.exe
24604438f2cb5fcbda87b9fe3f817bcb
Loki_b
Loki_m
RAT
UPX
Code injection
PWS[m]
AntiDebug
AntiVM
OS Processor Check
.NET EXE
PE32
PE File
VirusTotal
Malware
Telegram
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
malicious URLs
Tofsee
ComputerName
DNS
4
http://78.47.226.24/
http://78.47.226.24/edit.zip
https://steamcommunity.com/profiles/76561199486572327
https://t.me/zaskullz
5
t.me(149.154.167.99) - mailcious
steamcommunity.com(104.76.78.101) - mailcious
149.154.167.99 - mailcious
23.42.123.237
78.47.226.24
4
ET INFO TLS Handshake Failure
ET INFO Observed Telegram Domain (t .me in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO Dotted Quad Host ZIP Request
11.0
M
28
ZeroCERT
14426
2023-03-20 09:45
eazy.exe
0a937838141cf6acfb3d63ae2b4673b3
RAT
KeyLogger
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
IP Check
Tofsee
Windows
Browser
Email
ComputerName
Cryptographic key
Software
crashed
1
https://api.ipify.org/
2
api.ipify.org(104.237.62.211)
104.237.62.211
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
12.2
M
50
ZeroCERT
14427
2023-03-20 09:43
neee.exe
99f16ab6ab670935b5aa5c84b1b5f6bd
UPX
Malicious Library
Antivirus
OS Processor Check
PE32
PE File
Malware download
VirusTotal
Malware
AutoRuns
Malicious Traffic
Creates executable files
RWX flags setting
unpack itself
AppData folder
Windows
ComputerName
DNS
crashed
2
http://185.106.92.104/bot/online?guid=TEST22-PC\\test22&key=bc2dceabe69fa26dbf4dd8295d65e03e1990633a88c1c8410825c9266b239396
http://185.106.92.104/bot/regex
1
185.106.92.104
1
ET MALWARE Laplas Clipper - SetOnline CnC Checkin
7.6
M
45
ZeroCERT
14428
2023-03-20 09:42
w6auj9ii3rp.exe
57e3fc905b5cb1811f155ec4aef82795
RedLine stealer[m]
UPX
Malicious Library
Malicious Packer
AntiDebug
AntiVM
OS Processor Check
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
46.3.197.223
10.0
M
46
ZeroCERT
14429
2023-03-20 07:56
unknown.exe
b61e626bf11cf496d6cb2dd7e470551b
PWS
.NET framework
RAT
UPX
Malicious Library
Malicious Packer
OS Processor Check
.NET EXE
PE32
PE File
Malware download
AsyncRAT
NetWireRC
Malware
DNS
DDNS
2
clsuplementos.ddns.net(141.255.152.14) - mailcious
141.255.152.14 - mailcious
3
ET POLICY DNS Query to DynDNS Domain *.ddns .net
ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
ET MALWARE Generic AsyncRAT Style SSL Cert
0.4
ZeroCERT
14430
2023-03-19 13:52
index_8ceba61edb30c637224d774a...
5ecb336df87a04025f48967559d19151
crashed
0.2
BRY
Total : 49,447cnts