Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
14656
2023-03-20 10:04
foto0132.exe
db22505e6712eebddb11bae0fcdc0aed
Gen1
Emotet
UPX
Malicious Library
CAB
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
AutoRuns
PDB
suspicious privilege
Check memory
Checks debugger
buffers extracted
WMI
Creates executable files
unpack itself
Disables Windows Security
Collect installed applications
AntiVM_Disk
VM Disk Size Check
installed browsers check
Windows
Update
Browser
ComputerName
Remote Code Execution
DNS
Cryptographic key
Software
crashed
1
193.233.20.30
10.4
M
ZeroCERT
14657
2023-03-20 10:02
14KDIJUFJD
218ddf74d466267211be24dac160e93a
AntiDebug
AntiVM
VirusTotal
Email Client Info Stealer
Malware
Code Injection
Check memory
Checks debugger
unpack itself
installed browsers check
Browser
Email
3.6
M
2
ZeroCERT
14658
2023-03-20 10:02
Slava.exe
1fa21564b4463aa7a564a20fa00dafba
NPKI
Generic Malware
UPX
Malicious Library
Malicious Packer
OS Processor Check
PE64
PE File
VirusTotal
Malware
crashed
1.2
M
39
ZeroCERT
14659
2023-03-20 10:00
fuddedneu.exe
07b3856c2f6ffe6560d3982b0319648c
NPKI
PWS
.NET framework
RAT
UPX
Malicious Library
OS Processor Check
.NET EXE
PE32
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.2
M
44
ZeroCERT
14660
2023-03-20 10:00
matywonexe.exe
0191cb1f788338484c31712a343f0b52
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
85.31.54.181
6.2
M
54
ZeroCERT
14661
2023-03-20 09:58
taskshostw.exe
e538f67d529d672c55304f3c9ad05392
RAT
North Korea
Antivirus
.NET EXE
PE32
PE File
VirusTotal
Malware
AutoRuns
suspicious privilege
MachineGuid
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
Check virtual network interfaces
suspicious process
AppData folder
WriteConsoleW
Tofsee
Windows
ComputerName
DNS
Cryptographic key
1
https://pastebin.com/raw/x7kBE3DJ
5
6.tcp.eu.ngrok.io(3.68.171.119)
pastebin.com(172.67.34.170) - malicious
3.69.115.178
18.197.239.109
104.20.67.143 - malicious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO DNS Query to a *.ngrok domain (ngrok.io)
8.6
M
53
ZeroCERT
14662
2023-03-20 09:57
zhiga.exe
79583ef72d557666796293419281c161
Malicious Library
PE32
PE File
VirusTotal
Malware
PDB
unpack itself
1.8
M
27
ZeroCERT
14663
2023-03-20 09:56
1.exe
9bb5a7746bac70b497a64ca379a82d5a
Malicious Library
AntiDebug
AntiVM
PE64
PE File
VirusTotal
Malware
Buffer PE
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
Windows
Cryptographic key
crashed
7.4
M
41
ZeroCERT
14664
2023-03-20 09:56
16512243-04d2-4591-82a9-0281c3...
6986f1d3d40626f825b3ebf0415fc54c
.NET EXE
PE32
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
1.8
M
25
ZeroCERT
14665
2023-03-20 09:54
123ds.exe
20b01b94fec9143a2adf624945aa41c3
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
2
66.42.108.195
78.47.226.24
6.2
M
42
ZeroCERT
14666
2023-03-20 09:53
123andy.exe
d4da20f99003446d674869a51d350673
PWS
.NET framework
RAT
UPX
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
207.246.108.255
6.2
M
58
ZeroCERT
14667
2023-03-20 09:51
goland.exe
fc6d40512829e36687854cb0118a5a1e
MPRESS
PE64
PE File
VirusTotal
Malware
Remote Code Execution
crashed
1.8
M
29
ZeroCERT
14668
2023-03-20 09:51
c91d43b8-ec7d-4544-b731-541868...
ca341777340c9f6a7ba878b3e37fcf9c
UPX
Malicious Library
OS Processor Check
PE32
PE File
VirusTotal
Malware
unpack itself
1.8
M
31
ZeroCERT
14669
2023-03-20 09:49
6AfEa8G0W8NOtUh7hqFj
81e7b43089fc2460934c00a12afdbf94
ZIP Format
VirusTotal
Malware
0.8
M
26
ZeroCERT
14670
2023-03-20 09:49
photo_004.exe
d931b4102dbb87a11d2dea1999d292e1
UPX
Malicious Library
PE32
PE File
PDB
unpack itself
1.0
ZeroCERT
Total : 49,695cnts