Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2021-03-21 09:24
twenthfour.exe
1f0c8747c32790a0f9c39c659e09d1c5
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
AppData folder
malicious URLs
Windows
Cryptographic key
9.4
M
20
ZeroCERT
2
2021-03-19 18:28
ndena.exe
d4b31689b01301f90ce578d418a74231
Azorult
.NET framework
ftp Client
info stealer
email
stealer
Win
Trojan
agentTesla
browser
Google
Chrome
User Data
Download management
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Ransomware
Windows
Tor
ComputerName
Cryptographic key
crashed
10.8
M
18
ZeroCERT
3
2021-03-19 18:10
mbena.exe
e81cc62679b5e5aa3291b0168b271ee9
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
ComputerName
DNS
Cryptographic key
crashed
10.2
M
18
ZeroCERT
4
2021-03-19 18:10
mcnam.exe
d93d72caaa511c0715063a464bf231ff
Azorult
.NET framework
Google
Chrome
User Data
browser
info stealer
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
keylogger
2
Info
×
dfxczaqwvcutbnmewxvfqwercfgrwzxcdcdfvgws.ydns.eu(5.172.199.55) - mailcious
5.172.199.55 - mailcious
13.0
M
29
ZeroCERT
5
2021-03-19 17:11
doglox.exe
c47b1974b73196909a2e1647b2c73000
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
ComputerName
DNS
Cryptographic key
crashed
10.2
M
17
ZeroCERT
6
2021-03-19 17:01
abnol.exe
c4b7965e03a154956c35e3f1a2486e7d
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
ComputerName
Cryptographic key
crashed
9.6
M
18
ZeroCERT
7
2021-03-19 09:26
4IM6UdbDirEU0hR.exe
5af713d1b395d4f6b4467f22643fb4c8
Azorult
.NET framework
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
malicious URLs
IP Check
Tofsee
Windows
Browser
Email
ComputerName
DNS
Cryptographic key
DDNS
Software
crashed
2
Keyword trend analysis
×
Info
×
http://checkip.dyndns.org/
https://freegeoip.app/xml/175.208.134.150
4
Info
×
freegeoip.app(172.67.188.154)
checkip.dyndns.org(216.146.43.70)
131.186.113.70
104.21.19.200
4
Info
×
ET INFO DYNAMIC_DNS Query to *.dyndns. Domain
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET POLICY External IP Lookup - checkip.dyndns.org
ET POLICY DynDNS CheckIp External IP Address Server Response
13.0
M
25
ZeroCERT
8
2021-03-19 08:26
ndena.exe
d4b31689b01301f90ce578d418a74231
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
5.6
M
18
ZeroCERT
9
2021-03-19 08:24
mbena.exe
e81cc62679b5e5aa3291b0168b271ee9
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
9.4
M
18
ZeroCERT
10
2021-03-19 08:22
mcnam.exe
d93d72caaa511c0715063a464bf231ff
Azorult
.NET framework
Google
Chrome
User Data
browser
info stealer
VirusTotal
Malware
Buffer PE
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
keylogger
2
Info
×
dfxczaqwvcutbnmewxvfqwercfgrwzxcdcdfvgws.ydns.eu(5.172.199.55)
5.172.199.55
11.2
M
29
ZeroCERT
11
2021-03-19 08:17
doglox.exe
c47b1974b73196909a2e1647b2c73000
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
unpack itself
Windows
DNS
Cryptographic key
5.6
17
ZeroCERT
12
2021-03-19 08:12
abnol.exe
c4b7965e03a154956c35e3f1a2486e7d
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
9.4
18
ZeroCERT
13
2021-03-18 18:16
abman.exe
7f21e3c00e304c66cd2c2d00f81adb51
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Windows
ComputerName
Cryptographic key
crashed
9.6
15
ZeroCERT
14
2021-03-18 18:12
abman.exe
7f21e3c00e304c66cd2c2d00f81adb51
Azorult
.NET framework
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Windows
ComputerName
DNS
Cryptographic key
crashed
9.4
15
ZeroCERT
First
1
Last
Total : 14cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword