Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
45046
2024-06-08 04:07
openaudit-win7firewall-enabler...
4d8d32c0abb989f4734a4cf69d8714c7
Downloader
task schedule
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
AntiDebug
AntiVM
Windows utilities
malicious URLs
WriteConsoleW
Windows
1.4
guest
45047
2024-06-08 04:07
index.html
0227cfd904e99656279202032b98d4a7
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
StartPage
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.8
guest
45048
2024-06-08 04:08
audit.vbs
15d55b48219e0b14efa29f7d9c8fe885
[C] All Process
task schedule
Downloader
Antivirus
[C] OS
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
Anti_VM
AntiDebug
AntiVM
WMI
malicious URLs
ComputerName
1.8
3
guest
45049
2024-06-08 04:08
index.html
0227cfd904e99656279202032b98d4a7
AntiDebug
AntiVM
StartPage
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
Info
×
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
guest
45050
2024-06-08 04:09
PopupMenu.js
b7e1851d03c8ccc2389d75113ab4ea21
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
crashed
1.0
guest
45051
2024-06-08 04:10
offline.cmd
558c011f11e9172d07fe2db3d2d47e71
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
unpack itself
WriteConsoleW
1.0
guest
45052
2024-06-08 04:10
ajax.js
abde971f007c55f8747734b91684e174
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
0.8
guest
45053
2024-06-08 04:10
admin_config.js
7aeb9d957d35eff708c605f3c8117ae6
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
unpack itself
malicious URLs
crashed
1.4
guest
45054
2024-06-08 04:11
offline.cmd
558c011f11e9172d07fe2db3d2d47e71
task schedule
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
KeyLogger
P2P
persistence
AntiDebug
AntiVM
unpack itself
WriteConsoleW
1.0
guest
45055
2024-06-08 04:12
audit_cmd.js
9b3f2bc442accabeaf421ab5f15229ad
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
0.8
guest
45056
2024-06-08 04:12
admin_config.js
7aeb9d957d35eff708c605f3c8117ae6
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
crashed
1.0
guest
45057
2024-06-08 04:12
openaudit-clientscan-setup.exe
2a94bd23e9d3665a0b465535cf3cbb8f
Downloader
Malicious Library
UPX
Http API
ScreenShot
Escalate priviledges
PWS
persistence
KeyLogger
Create Service
Socket
DGA
Steal credential
Sniff Audio
HTTP
DNS
Code injection
Internet API
FTP
P2P
AntiDebug
AntiVM
PE File
PE32
MZP Format
OS Processor C
Checks debugger
unpack itself
malicious URLs
2.0
4
guest
45058
2024-06-08 04:13
PopupMenu.js
b7e1851d03c8ccc2389d75113ab4ea21
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
crashed
1.0
guest
45059
2024-06-08 04:15
oa-importcert.cmd
4d3f949bda6999f920d5338e785f75f2
Downloader
task schedule
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
SMTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
Hijack Network
AntiDebug
AntiVM
powershell
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
5.0
guest
45060
2024-06-08 04:17
ajax.js
abde971f007c55f8747734b91684e174
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
malicious URLs
0.8
guest
First
Previous
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
Next
Last
Total : 48,289cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword