No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
3586
2025-01-22 17:19
11_Chapter_03.xhtml
5f02eb54c95e17e7b470e58b0f5fc135
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3587
2025-01-22 17:18
333.exe
5855063b0ae049847b1d9eeced51a17b
AsyncRAT
Malicious Library
Malicious Packer
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
DNS
1
163.172.125.253
3.4
M
56
ZeroCERT
3588
2025-01-22 17:17
09_Chapter_01.xhtml
4f082a8f4e8858e8684e21fd28f688bf
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3589
2025-01-22 17:17
10_Chapter_02.xhtml
c5c670d5a3c2c8a88f3017f42d64be99
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3590
2025-01-22 17:17
08_Frontmatter1.xhtml
57adef9d687eddd0eaa425702bdb22eb
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3591
2025-01-22 17:16
rh_0-8_2025-01-16_12-51.exe
12eafcfe2e58af1f695e82daec1f1efd
Malicious Library
UPX
PE File
PE32
OS Processor Check
VirusTotal
Malware
unpack itself
2.0
M
52
ZeroCERT
3592
2025-01-22 17:14
07_Part_01.xhtml
e4ed752c54e904e02b1e63ead2b1f514
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3593
2025-01-22 17:14
chrome.exe
83e93539d82c1a0db8e7564f2665911c
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
Checks debugger
unpack itself
1.8
M
55
ZeroCERT
3594
2025-01-22 17:13
05_Dedication.xhtml
e5588e3bc1c8a150a6697519424c4061
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3595
2025-01-22 17:13
06_Good.xhtml
a76114dae9dd49af1e25a1573b357dec
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3596
2025-01-22 17:11
coinbase.exe
77620fa13ab93f172c7c8d99d92c9fa2
Malicious Library
Malicious Packer
Antivirus
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
OS Processor Check
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
2.0
M
61
ZeroCERT
3597
2025-01-22 17:09
04a_Contents.xhtml
801df41841b48c958e1b726340b8bfa0
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3598
2025-01-22 17:09
04_Copyright.xhtml
25cf14928854d27258b5d1e2a9e9a6a9
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
3599
2025-01-22 17:08
cred64.dll
478cf1466756aec3b32c8cc61fc5c6c6
Generic Malware
Malicious Library
UPX
Antivirus
PE File
DLL
PE64
OS Processor Check
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
powershell
PDB
suspicious privilege
MachineGuid
Malicious Traffic
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
sandbox evasion
installed browsers check
Windows
Browser
ComputerName
DNS
Cryptographic key
Software
1
http://185.196.8.37/Gd85kkjf/index.php
1
185.196.8.37 - malware
1
ET DROP Spamhaus DROP Listed Traffic Inbound group 33
9.8
M
54
ZeroCERT
3600
2025-01-22 17:07
03_Review.xhtml
3914ff27af290f8886acc66ecaaded4b
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
DNS
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
Total : 53,690cnts