Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2025-04-17 00:08
getif-2.3.1.zip
6dc2fe6600dca6f2b62b3b05977294af
ZIP Format
guest
2
2025-04-17 00:08
_user1.cab
45ad4d792db670366504974826dbbadc
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.6
guest
3
2025-04-17 00:08
_sys1.cab
fe9c552fd26fe5e5ba61b7f8eebc4a41
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(118.214.79.16)
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
4
2025-04-17 00:07
_ISDEL.EXE
4ed63bd2d8ff5239aec7d8bc6c666f37
Emotet
Generic Malware
NMap
Downloader
task schedule
Malicious Packer
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
malicious URLs
AntiVM_Disk
VM Disk Size Check
Windows
ComputerName
crashed
4.0
guest
5
2025-04-17 00:06
_INST32I.EX_
8d70c8885459ccfb5b8066c39e969699
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(118.214.79.16)
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
6
2025-04-17 00:05
_setup.dll
af0f37e850846fa145bef70474c5d214
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
malicious URLs
crashed
1.0
guest
7
2025-04-17 00:05
setup.lid
1b79748e93a541cc1590505b6c72828a
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.6
guest
8
2025-04-17 00:04
SETUP.EXE
2e7bc5b75df9c7bc2a53a32964c2d899
Emotet
Generic Malware
NMap
Downloader
Malicious Packer
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
Checks debugger
Creates shortcut
Creates executable files
unpack itself
Windows utilities
malicious URLs
AntiVM_Disk
VM Disk Size Check
human activity check
Windows
ComputerName
crashed
3.8
guest
9
2025-04-17 00:03
setup.ins
89ab96b20f7b472b91e8a0660054394c
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
3
cacerts.digicert.com(118.214.79.16)
23.36.55.181
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
10
2025-04-17 00:03
SETUP.INI
ac9d9386a57420db9299eb1be1fa82de
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(118.214.79.16)
118.214.79.16
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
11
2025-04-17 00:01
setup.bmp
f1874e4041a511771e01e079227ca8ca
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
BMP Format
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(23.36.55.181)
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
12
2025-04-17 00:01
os.dat
af1d8d9435cb10fe2f4b4215eaf6bec4
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(23.36.55.181)
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
13
2025-04-17 00:01
layout.bin
72c582ab7db10af86a90608f98e5e614
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.6
guest
14
2025-04-16 23:59
data1.cab
3db315add60bf6755d7258c655faf5cc
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(23.36.55.181)
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
15
2025-04-16 23:59
lang.dat
90e64689804b4f4b0197c07290965a3c
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
1
http://cacerts.digicert.com/DigiCertGlobalRootG2.crt
2
cacerts.digicert.com(23.36.55.181)
23.219.19.250
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.6
guest
Total : 3,666cnts