Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-04-27 10:35
0095a2ddc9363c91fc497296555de1...
aa0b53e96cbf0d9acbeccd55c4b83d75
RedLine Infostealer
RedLine stealer
RedlineStealer
Malicious Library
Confuser .NET
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
1
Info
×
176.123.9.85 - mailcious
3.8
56
guest
2
2023-07-03 17:59
rocketa69.exe
9da51f2d6f77596f35c78b4bd676a134
RedLine stealer
RedlineStealer
UPX
.NET framework(MSIL)
Confuser .NET
OS Processor Check
PE File
.NET EXE
PE32
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
Check virtual network interfaces
installed browsers check
Tofsee
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
Keyword trend analysis
×
Info
×
https://api.ip.sb/ip
3
Info
×
api.ip.sb(172.67.75.172)
104.211.55.2 - mailcious
104.26.12.31
2
Info
×
ET MALWARE RedLine Stealer TCP CnC net.tcp Init
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
8.0
50
ZeroCERT
3
2023-07-01 12:32
rocketpro.exe
3a7672c0d0002621ffb756afab204616
RedLine stealer
UPX
.NET framework(MSIL)
Confuser .NET
OS Processor Check
.NET EXE
PE File
PE32
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
Check virtual network interfaces
installed browsers check
Tofsee
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
Keyword trend analysis
×
Info
×
https://api.ip.sb/ip
3
Info
×
api.ip.sb(104.26.12.31)
104.211.55.2
104.26.12.31
2
Info
×
ET MALWARE RedLine Stealer TCP CnC net.tcp Init
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
7.8
33
ZeroCERT
4
2023-06-18 12:15
Grey.exe
5d38aede0d5846ef5637db30b43eca60
PWS
.NET framework(MSIL)
UPX
Confuser .NET
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
RedLine
Malware download
FTP Client Info Stealer
VirusTotal
Malware
suspicious privilege
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
Check virtual network interfaces
installed browsers check
Tofsee
Stealer
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
Keyword trend analysis
×
Info
×
https://api.ip.sb/ip
3
Info
×
api.ip.sb(172.67.75.172)
104.211.55.2
172.67.75.172 - mailcious
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET MALWARE RedLine Stealer TCP CnC net.tcp Init
7.4
55
ZeroCERT
5
2023-05-14 17:32
44444444.exe
4fda10dd689cf07faf7ccad6eeb5b8b3
PWS
.NET framework
RAT
UPX
Confuser .NET
OS Processor Check
.NET EXE
PE File
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
Check memory
Checks debugger
buffers extracted
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
crashed
1
Info
×
84.54.50.26
5.8
M
49
ZeroCERT
6
2023-05-11 18:44
frank.jpg
b087d2cba334e315c16c893e0709b14c
PWS
.NET framework
RAT
UPX
Confuser .NET
OS Processor Check
.NET EXE
PE File
PE32
Browser Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
crashed
1
Info
×
89.23.107.125 - mailcious
7.0
M
53
ZeroCERT
7
2023-04-25 07:53
frankbild.rar
67b431bbc8219713a851993f84a3f71d
PWS
.NET framework
RAT
UPX
Confuser .NET
OS Processor Check
.NET EXE
PE32
PE File
Browser Info Stealer
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Collect installed applications
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
crashed
1
Info
×
89.23.107.125
7.0
54
ZeroCERT
First
1
Last
Total : 7cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword