Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-10-10 11:06
Hillmen.exe
c1a37e2ae299837d1c06fe6f05f74882
RedLine stealer
RedLine Stealer
Malicious Library
Confuser .NET
.NET framework(MSIL)
PWS
SMTP
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
ComputerName
5.8
M
57
ZeroCERT
2
2023-04-03 16:47
Rhymers.exe
2ac0ff27c872b8b784d31027f05d44cd
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
199.115.193.116
9.4
M
48
ZeroCERT
3
2023-04-03 16:47
Cuttoes.exe
868398533736a48ccf3008a8eb4ddc49
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
Escalate priviledges
ScreenShot
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
6.0
M
49
ZeroCERT
4
2023-03-29 10:48
Tarlatan.exe
b26480dce772642635204619f30c35d6
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
199.115.193.116
9.4
M
50
ZeroCERT
5
2023-03-29 10:47
Tarlatan.exe
b26480dce772642635204619f30c35d6
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
199.115.193.116
9.4
M
50
ZeroCERT
6
2023-03-27 10:37
Nasalized.exe
4c42520a02966a874eb4fbdc0a74e208
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
199.115.193.116
9.4
M
43
ZeroCERT
7
2023-03-27 10:32
Blaubok.exe
3c62500496bfc4f35d38ddbe71be78c2
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
199.115.193.171 - mailcious
10.4
M
48
ZeroCERT
8
2023-03-27 10:30
Sprawl.exe
7f9cc3889e95b39a93593207cc823dd2
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
199.115.193.116
10.4
M
48
ZeroCERT
9
2023-03-24 18:21
Scantle.exe
8e7ec9167dd8c5b9444e4ba17e849fdc
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
ICMP traffic
unpack itself
Windows
DNS
Cryptographic key
1
195.133.40.209 - mailcious
8.2
M
55
ZeroCERT
10
2023-03-17 10:11
MatyWon.exe
e01eed093c11df9172d1a70484e8f973
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
PWS[m]
AntiDebug
AntiVM
.NET EXE
PE32
PE File
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
2
43.154.215.120 - malware
85.31.54.216
7.2
M
38
ZeroCERT
11
2023-02-24 14:27
Extenuate.exe
e5362468537c57a4c6e0811f4ab5af06
PWS[m]
RedLine stealer[m]
PWS
.NET framework
RAT
RedLine Stealer
Confuser .NET
SMTP
AntiDebug
AntiVM
.NET EXE
PE32
PE File
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
107.189.165.102
10.8
M
35
ZeroCERT
12
2023-02-20 11:43
Underglaze.exe
058112275e6fe4b2cd6663dc74784de4
PWS[m]
RedLine stealer[m]
RAT
RedLine Stealer
PWS
.NET framework
Confuser .NET
SMTP
AntiDebug
AntiVM
PE32
.NET EXE
PE File
Browser Info Stealer
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
Browser
ComputerName
DNS
Cryptographic key
crashed
1
45.32.218.145
7.0
M
30
ZeroCERT
13
2023-02-08 07:50
Renumbered.exe
c1c43012aff2576fe55079a8c4571e0a
PWS[m]
RedLine stealer[m]
RAT
PWS
.NET framework
RedLine Stealer
Confuser .NET
SMTP
AntiDebug
AntiVM
PE32
.NET EXE
PE File
VirusTotal
Malware
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
DNS
Cryptographic key
1
8.9.31.171
7.2
M
30
ZeroCERT
Total : 13cnts