Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-11-30 14:40
Documento.txt.exe
1af7a2e45f20ad74e091fc976be0492e
UPX
PE32
PE File
.NET EXE
VirusTotal
Malware
Checks debugger
unpack itself
ComputerName
DNS
DDNS
crashed
2
Info
×
marcelotatuape.ddns.net(177.52.82.174) - mailcious
177.52.82.174
1
Info
×
ET POLICY DNS Query to DynDNS Domain *.ddns .net
3.6
56
ZeroCERT
2
2023-11-03 18:12
sistem32.jpg
06cbe7e4119ca545f6420e7b4100e3d2
Admin Tool (Sysinternals etc ...)
Malicious Library
UPX
AntiDebug
AntiVM
PE File
PE32
.NET EXE
DLL
OS Processor Check
PDB
Code Injection
Check memory
Checks debugger
buffers extracted
Creates executable files
unpack itself
AppData folder
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
2
Info
×
marcelotatuape.ddns.net(177.52.83.224) - mailcious
177.52.83.224
1
Info
×
ET POLICY DNS Query to DynDNS Domain *.ddns .net
9.6
ZeroCERT
3
2023-10-26 17:14
teste2.jpg
e41099316a6272c73e80c90972c3203e
Generic Malware
Admin Tool (Sysinternals etc ...)
Malicious Library
UPX
Antivirus
AntiDebug
AntiVM
PE File
PE32
.NET EXE
DLL
OS Processor Check
VirusTotal
Malware
powershell
AutoRuns
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
DDNS
crashed
2
Info
×
marcelotatuape.ddns.net(141.255.145.44) - mailcious
141.255.145.44
1
Info
×
ET POLICY DNS Query to DynDNS Domain *.ddns .net
14.2
M
26
ZeroCERT
4
2023-09-23 09:36
2ac82382-33f7-4490-a91d-e3cfe4...
3403cb537d8e1e6257068d3189705050
Gen1
Emotet
Generic Malware
Malicious Library
UPX
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
CAB
Malware download
NetWireRC
RevengeRAT
VirusTotal
Malware
AutoRuns
Code Injection
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
anti-virtualization
VM Disk Size Check
Windows
ComputerName
DNS
DDNS
crashed
2
Info
×
marcelotatuape.ddns.net(141.255.151.60)
141.255.151.60
2
Info
×
ET POLICY DNS Query to DynDNS Domain *.ddns .net
ET MALWARE MSIL/Revenge-RAT Keep-Alive Activity (Outbound) M2
8.4
M
47
ZeroCERT
5
2023-09-22 17:45
reserva....exe
3403cb537d8e1e6257068d3189705050
Gen1
Emotet
Generic Malware
Malicious Library
UPX
AntiDebug
AntiVM
PE File
PE32
OS Processor Check
CAB
VirusTotal
Malware
AutoRuns
Code Injection
Check memory
Checks debugger
Creates executable files
unpack itself
AppData folder
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
DNS
DDNS
crashed
2
Info
×
marcelotatuape.ddns.net(177.52.82.67)
177.52.82.67
1
Info
×
ET POLICY DNS Query to DynDNS Domain *.ddns .net
6.4
34
ZeroCERT
First
1
Last
Total : 5cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
