Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
44941
2024-06-08 00:38
openaudit-win7firewall-enabler...
4d8d32c0abb989f4734a4cf69d8714c7
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
malicious URLs
WriteConsoleW
Windows
1.4
guest
44942
2024-06-08 00:40
wmifiletypesearchexe.vbs
b7f5a16836f71574484136e77415ca4b
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
unpack itself
malicious URLs
ComputerName
crashed
1.6
1
guest
44943
2024-06-08 00:48
Openaudit-Clientscan.lnk
afa017bc06e99f342bcabf241ef1a631
Generic Malware
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Lnk Format
GIF Format
Creates shortcut
unpack itself
malicious URLs
WriteConsoleW
1.8
guest
44944
2024-06-08 00:50
audit.vbs
15d55b48219e0b14efa29f7d9c8fe885
[C] All Process
task schedule
Downloader
Antivirus
[C] OS
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
Anti_VM
AntiDebug
AntiVM
WMI
malicious URLs
ComputerName
1.8
3
guest
44945
2024-06-08 00:57
oaclientside.cmd
008780c9a914156a8190fbfb852fb9c3
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
unpack itself
WriteConsoleW
1.0
guest
44946
2024-06-08 01:08
oaclientside.cmd
008780c9a914156a8190fbfb852fb9c3
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
unpack itself
WriteConsoleW
1.0
guest
44947
2024-06-08 01:15
audit.vbs
15d55b48219e0b14efa29f7d9c8fe885
[C] All Process
task schedule
Downloader
Antivirus
[C] OS
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
Anti_VM
AntiDebug
AntiVM
WMI
malicious URLs
ComputerName
1.8
3
guest
44948
2024-06-08 01:31
index.html
0227cfd904e99656279202032b98d4a7
AntiDebug
AntiVM
StartPage
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
guest
44949
2024-06-08 01:39
openaudit-clientscan-setup.exe
2a94bd23e9d3665a0b465535cf3cbb8f
Generic Malware
task schedule
Downloader
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE File
Checks debugger
unpack itself
AppData folder
malicious URLs
2.4
4
guest
44950
2024-06-08 01:40
audit_log.html
cfc4dd7a77f4dd5fa271fc822560302e
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
guest
44951
2024-06-08 01:43
audit_log.html
cfc4dd7a77f4dd5fa271fc822560302e
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
44952
2024-06-08 01:44
openaudit-clientscan-setup.exe
2a94bd23e9d3665a0b465535cf3cbb8f
Generic Malware
Downloader
task schedule
Malicious Library
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
Checks debugger
unpack itself
AppData folder
malicious URLs
2.4
4
guest
44953
2024-06-08 01:52
export_file.html
ba18e54410f8138a68ae1e581c241032
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.8
guest
44954
2024-06-08 01:55
index.html
0227cfd904e99656279202032b98d4a7
AntiDebug
AntiVM
StartPage
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
guest
44955
2024-06-08 01:56
offline.cmd
558c011f11e9172d07fe2db3d2d47e71
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
unpack itself
WriteConsoleW
DNS
1.6
guest
First
Previous
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
Next
Last
Total : 48,302cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
