Submissions
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-06-07 07:32
BHHh.exe
96b0ccf071277093a2e02fd89ae05dcb
RAT
.NET EXE
PE File
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
1
http://apps.identrust.com/roots/dstrootcax3.p7c
3
oshi.at(5.253.86.15) - malware
5.253.86.15 - mailcious
121.254.136.27
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.4
51
ZeroCERT
2
2022-11-02 16:58
XCXCBBDFDHHD.exe
d7be2aadb342fee744551835417ab2d6
RAT
Confuser .NET
PE32
.NET EXE
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
ComputerName
DNS
2
tgc8x.tk(50.115.174.192) - malware
50.115.174.192 - malware
3
ET DNS Query to a .tk domain - Likely Hostile
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.6
M
35
ZeroCERT
3
2022-11-02 16:56
BCVCBBDHDDHD.exe
4d93210060b11d704b1044cbc1b6bdfa
RAT
Confuser .NET
PE32
.NET EXE
PE File
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
ComputerName
DNS
2
tgc8x.tk(50.115.174.192) - malware
50.115.174.192 - malware
3
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET DNS Query to a .tk domain - Likely Hostile
2.4
M
24
ZeroCERT
4
2022-04-27 18:32
vbc.exe
15c6da72eb32ee1b8ea97d4320a39dff
UPX
Malicious Packer
Malicious Library
Admin Tool (Sysinternals etc ...)
PE32
PE File
Emotet
VirusTotal
Malware
AutoRuns
Code Injection
buffers extracted
RWX flags setting
unpack itself
Windows
crashed
1
http://rajparis.in/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB/Wegkdkphuyjjgsmrndxlxcwmnkesjua
2
rajparis.in(162.214.80.15)
162.214.80.15 - mailcious
6.0
M
19
ZeroCERT
5
2022-04-13 17:41
Vyhakaweykhdlxdskadtnsbyrarglk...
f437e68bcfe259663e8d3366bdd44b6c
UPX
Malicious Library
PE32
PE File
VirusTotal
Malware
RWX flags setting
unpack itself
Tofsee
crashed
2
cutting-tools.in(162.215.240.160) - malware
162.215.240.160 - mailcious
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.0
M
17
ZeroCERT
Total : 5cnts