Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2021-06-18 11:33
winhost.exe
2415c1f7de7b48be235bd153e7eb2470
AsyncRAT
backdoor
PE File
PE64
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
crashed
2.4
M
31
ZeroCERT
2
2021-06-14 14:15
cmd.exe
bbcb6f6fdf6a96a19d47dc05f30b1d8c
PE File
.NET EXE
OS Processor Check
PE32
VirusTotal
Malware
PDB
Check memory
Checks debugger
unpack itself
WriteConsoleW
Tofsee
Windows
2
Keyword trend analysis
×
Info
×
https://cdn.discordapp.com/attachments/829281619470712862/849290836800700426/t.exe - rule_id: 1935
https://cdn.discordapp.com/attachments/829281619470712862/849291451929329674/p.exe - rule_id: 1936
2
Info
×
cdn.discordapp.com(162.159.135.233) - malware
162.159.129.233 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2
Info
×
https://cdn.discordapp.com/attachments/829281619470712862/849290836800700426/t.exe
https://cdn.discordapp.com/attachments/829281619470712862/849291451929329674/p.exe
3.8
M
46
ZeroCERT
3
2021-06-11 12:42
ConsoleApp4.exe
c4050e6bdd335e319ca7b848d53b9108
AsyncRAT
backdoor
Code injection
AntiDebug
AntiVM
PE File
.NET EXE
OS Processor Check
PE32
VirusTotal
Malware
AutoRuns
MachineGuid
Check memory
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Tofsee
Windows
ComputerName
crashed
1
Keyword trend analysis
×
Info
×
https://cdn-101.anonfiles.com/P1hemdxeu9/ea968049-1621548401/cmd.exe
3
Info
×
cdn-101.anonfiles.com(217.64.149.169)
botboyz.online()
217.64.149.169
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
10.4
M
50
ZeroCERT
4
2021-06-11 12:30
main.exe
94d266e338b8c8b9ea84cd9c03439032
AntiDebug
AntiVM
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
unpack itself
Check virtual network interfaces
ComputerName
Firmware
crashed
2
Keyword trend analysis
×
Info
×
http://matixx.xyz/panel/login.php
http://matixx.xyz/panel/
2
Info
×
matixx.xyz(212.192.241.97) - malware
212.192.241.97 - malware
1
Info
×
ET HUNTING Request to .XYZ Domain with Minimal Headers
12.0
M
45
ZeroCERT
5
2021-06-11 12:25
cmd.exe
bbcb6f6fdf6a96a19d47dc05f30b1d8c
PE File
.NET EXE
OS Processor Check
PE32
VirusTotal
Malware
AutoRuns
PDB
Check memory
Checks debugger
unpack itself
Windows utilities
suspicious process
WriteConsoleW
Tofsee
Windows
ComputerName
2
Keyword trend analysis
×
Info
×
https://cdn.discordapp.com/attachments/829281619470712862/849290836800700426/t.exe
https://cdn.discordapp.com/attachments/829281619470712862/849291451929329674/p.exe
2
Info
×
cdn.discordapp.com(162.159.129.233) - malware
162.159.135.233 - malware
1
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
5.2
M
37
ZeroCERT
First
1
Last
Total : 5cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword