No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2021-06-01 17:04
consoleapp5a.exe
0ffde20bbcf9388a2b446c90222ac410
AsyncRAT
backdoor
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Dridex
TrickBot
VirusTotal
Malware
Buffer PE
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
unpack itself
Check virtual network interfaces
Tofsee
Kovter
Windows
DNS
crashed
1
https://cdn.discordapp.com/attachments/844641656991907850/846437254331367444/ClassLibrary1.dll - rule_id: 1685
3
cdn.discordapp.com(162.159.134.233) - malware
185.157.161.205
162.159.130.233 - malware
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
1
https://cdn.discordapp.com/attachments/844641656991907850/846437254331367444/ClassLibrary1.dll
12.4
M
44
ZeroCERT
2
2021-06-01 09:28
QUAConsoleApp5.exe
51ee29d68a7aefead4a82af353bab78c
PWS
Loki[b]
Loki[m]
AsyncRAT
backdoor
DNS
KeyLogger
ScreenShot
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
Malicious Traffic
IP Check
Tofsee
2
http://ip-api.com/json/
https://cdn.discordapp.com/attachments/844641656991907850/846437254331367444/ClassLibrary1.dll
6
ip-api.com(208.95.112.1)
cdn.discordapp.com(162.159.134.233) - malware
yz.videomarket.eu(185.157.161.205) - malicious
208.95.112.1
162.159.129.233 - malware
185.157.161.205
2
ET POLICY External IP Lookup ip-api.com
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.0
M
34
ZeroCERT
3
2021-05-21 10:16
zapa1.exe
ec3a138ffb5f8172efb8216b729a6813
AsyncRAT
backdoor
AntiDebug
AntiVM
.NET EXE
PE File
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
DNS
crashed
1
79.134.225.91 - malicious
10.6
M
24
ZeroCERT
4
2021-03-29 17:58
jan11.exe
5368930e073889874745e520be58b06d
AsyncRAT
backdoor
VirusTotal
Malware
AutoRuns
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
malicious URLs
Ransomware
Windows
ComputerName
DNS
crashed
keylogger
1
152.89.162.12
12.0
14
ZeroCERT
Total : 4cnts