Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
3556
2025-01-22 17:41
32_Chapter_22.xhtml
dd94d3b060774801b36e7a159ec76c02
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3557
2025-01-22 17:41
com.apple.ibooks.display-optio...
ef8471a5ee7d95fc9ed384a926f3a93e
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.2
guest
3558
2025-01-22 17:40
31_Chapter_21.xhtml
dd5dc49b1aaec82a0c4907531635ccdf
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.6
guest
3559
2025-01-22 17:39
mimetype
4154e1f4f9c0e002cc44aae97103ebe2
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3560
2025-01-22 17:38
30_Chapter_20.xhtml
a1d3e6e112d4291c1215a5660f420d2f
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3561
2025-01-22 17:38
29_Chapter_19.xhtml
0555a36138694193d5e23f61387fada5
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.6
guest
3562
2025-01-22 17:36
28_Chapter_18.xhtml
b4f48aea8ac44cd69e4cd6b38e2bd8dd
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3563
2025-01-22 17:36
27_Chapter_17.xhtml
a36e1de43f631d6786f9aa051dcb7605
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3564
2025-01-22 17:36
Server.exe
25443271763910e38d74296d29f48071
Generic Malware
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
Creates executable files
unpack itself
Windows utilities
suspicious process
AppData folder
WriteConsoleW
Creates autorun.inf
human activity check
Windows
8.2
M
58
ZeroCERT
3565
2025-01-22 17:35
26_Chapter_16.xhtml
f1cb6e514fb9ab2e2f5c57e68557c760
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.6
guest
3566
2025-01-22 17:34
24_Part_02.xhtml
cb0381600662734967cd4fbf61268ece
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.2
guest
3567
2025-01-22 17:34
25_Frontmatter2.xhtml
92d30296635b5f682bddaeb07b7aa36f
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3568
2025-01-22 17:32
23_Chapter_15.xhtml
c54c36a7325c36abbb77fcb9a519ec4a
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3569
2025-01-22 17:31
22_Chapter_14.xhtml
eaa271e93c31abcec442d214ac06731c
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3570
2025-01-22 17:30
Server.exe
d61b6c8d2031c9c14fd2ca8cac4abbd0
Generic Malware
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
AppData folder
WriteConsoleW
DNS
3
Info
×
2.tcp.eu.ngrok.io(18.156.13.209)
18.197.239.5
18.156.13.209
1
Info
×
ET INFO DNS Query to a *.ngrok domain (ngrok.io)
3.4
M
62
ZeroCERT
First
Previous
231
232
233
234
235
236
237
238
239
240
Next
Last
Total : 53,690cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
