2020-06-10
Version history
Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
121
2021-10-19 10:56
5f205bbf6a050_v.gif
6d0c71ad95c413318e0946960a597318
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.8
guest
122
2021-10-19 10:56
5f205bc00090f_v.gif
da9d153375da51a616a7663f1504e3a5
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
5.2
guest
123
2021-10-19 10:56
5f205bc2379ac_v.gif
c10bdec858cb0cf9e6cc5865d5925746
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3.8
guest
124
2021-10-19 10:57
background-2.png
42bd688964c63e6bdeca18b87dadf2ad
AntiDebug
AntiVM
PNG Format
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3.8
guest
125
2021-10-19 10:58
5f205bc2c1b4b_v.gif
9ce99ec458daf212f9812a90f3fadd13
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
5.8
guest
126
2021-10-19 10:58
5f205bc497791_v.css
0e646e2e128c473d6fba7996a4a94e40
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.2
guest
127
2021-11-04 23:49
common.bytes
bf5460d3d9c1bb2d6b8aa12f3db8b092
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3.8
guest
128
2021-11-04 23:51
gacconfig.bytes
f8a68ae046ae3bf4d09074131f49d9de
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
129
2021-11-04 23:51
commonclientdefs.bytes
eb901f00be8d5dac1a9f7902aa3936b0
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
guest
130
2021-11-04 23:51
classscript.bytes
52636e2354ea0e4f6848633556235257
AntiDebug
AntiVM
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Windows
Exploit
DNS
crashed
3.8
guest
131
2021-11-04 23:53
copyclassfunction.bytes
22c510bcd8c165d4fa0cd64490516c85
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
guest
132
2021-11-04 23:53
commoninc.bytes
f48a588b2d239cb5c8ea9ffcfdd8a30b
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
133
2021-11-04 23:54
luaprofiler.bytes
32452897194b25b15f27893bf8cd0e99
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
guest
134
2021-11-04 23:54
debuggermgr.bytes
d514dd539951031831c21e3cb400849b
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.8
guest
135
2021-11-04 23:55
debuggermgrinc.bytes
d99b84ec646e545c6c3bea4d03cb7d7f
Create Service
DGA
Socket
Steal credential
DNS
Internet API
Hijack Network
Code injection
Sniff Audio
HTTP
KeyLogger
FTP
Escalate priviledges
Downloader
ScreenShot
Http API
P2P
persistence
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
Total : 2,484cnts