Submissions

| No | Date | Request | MD5 | Etc (signature tags) | Urls Hosts IDS Rule Score Zero VT Player (as listed) |
|---|---|---|---|---|---|
| 15136 | 2023-03-05 14:23 | clip64.dll | f7ab2172748e041ae595f162af6b10e4 | UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself | 2.0 M 51 ZeroCERT |
| 15137 | 2023-03-05 14:23 | clip64.dll | c1ddaca25d84d05e809ffce1d2b468b7 | UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself | 2.0 M 53 ZeroCERT |
| 15138 | 2023-03-05 09:51 | http://121.231.224.30:41929/mo... | | AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed | 1 2 5.2 guest |
| 15139 | 2023-03-05 09:49 | http://182.126.66.208:58739/i | | PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 6.4 guest |
| 15140 | 2023-03-05 09:46 | http://125.41.5.251:54911/i | | PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 6.4 guest |
| 15141 | 2023-03-05 09:46 | com.apple.messages.geometrycac... | 3ba7d84c38de4a738146886b50f8cbc7 | AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName | 3.4 BRY |
| 15142 | 2023-03-05 09:44 | Devices - A list of devices (i... | f45540e776c4390d1aa328ebfdd45ba9 | PWS[m] ScreenShot KeyLogger AntiDebug AntiVM MachineGuid Checks debugger exploit crash unpack itself Windows Exploit Cryptographic key crashed | 2.0 guest |
| 15143 | 2023-03-05 09:44 | Unzip.pm | aff6f4346b786032e8a690db3ce22049 | AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName DNS | 4.0 guest |
| 15144 | 2023-03-05 09:43 | http://219.157.193.76:60210/mo... | | AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed | 1 5.4 guest |
| 15145 | 2023-03-05 09:42 | enableFinderExtension.scpt | b5fa406d66ac613e726fd2b90b19d483 | AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName DNS | 4.0 guest |
| 15146 | 2023-03-05 09:42 | http://36.33.215.3:36362/bin.s... | | PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 6.4 guest |
| 15147 | 2023-03-05 09:41 | http://59.93.17.62:48422/Mozi.... | | AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed | 1 5.4 guest |
| 15148 | 2023-03-05 09:40 | http://113.116.43.242:46956/bi... | | PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 7.0 guest |
| 15149 | 2023-03-05 09:40 | http://27.45.39.19:35273/Mozi.... | | PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed | 1 2 6.4 guest |
| 15150 | 2023-03-05 09:40 | http://183.161.226.39:41814/Mo... | | AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed | 1 5.4 guest |