Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
9196
2023-08-22 22:04
http://guzzoni-apple-com.v.aap...
Downloader
Create Service
Socket
P2P
DGA
Steal credential
Http API
Escalate priviledges
PWS
Hijack Network
Sniff Audio
HTTP
DNS
ScreenShot
Code injection
Internet API
persistence
FTP
KeyLogger
AntiDebug
AntiVM
PNG Format
MSOffice File
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
guzzoni-apple-com.v.aaplimg.com(3.35.192.133)
3.35.192.133
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
5.2
d0bbART
9197
2023-08-22 21:57
https://www.facebook.com/willi...
58cf96814b3226a762f2a43de560aac6
guest
9198
2023-08-22 21:54
http://www.mbsecure.nl
18dc8a43694155066b09ad05888bbeae
Downloader
Create Service
Socket
P2P
DGA
Steal credential
Http API
Escalate priviledges
PWS
Hijack Network
Sniff Audio
HTTP
DNS
ScreenShot
Code injection
Internet API
persistence
FTP
KeyLogger
AntiDebug
AntiVM
PNG Format
JPEG Format
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
1
http://www.mbsecure.nl/
2
www.mbsecure.nl(198.185.159.145)
198.49.23.144 - mailcious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
d0bbART
9199
2023-08-22 21:35
http://guzzoni-apple-com.v.aap...
Downloader
Create Service
Socket
P2P
DGA
Steal credential
Http API
Escalate priviledges
PWS
Hijack Network
Sniff Audio
HTTP
DNS
ScreenShot
Code injection
Internet API
persistence
FTP
KeyLogger
AntiDebug
AntiVM
PNG Format
JPEG Format
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
guzzoni-apple-com.v.aaplimg.com(3.35.192.133)
3.35.192.133
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
5.8
d0bbART
9200
2023-08-22 21:34
http://favicons.nextdns.io
AntiDebug
AntiVM
MSOffice File
PNG Format
JPEG Format
Code Injection
RWX flags setting
unpack itself
Windows utilities
Tofsee
Windows
1
http://favicons.nextdns.io/
2
favicons.nextdns.io(172.67.72.46)
104.26.1.148
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.6
d0bbART
9201
2023-08-22 21:26
http://netcts.cdn-apple.com
73a78ff5bd7e5e88aa445826d4d6eecb
AntiDebug
AntiVM
MSOffice File
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
http://netcts.cdn-apple.com/favicon.ico
http://netcts.cdn-apple.com/
2
netcts.cdn-apple.com(23.50.121.155)
23.67.53.32
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
d0bbART
9202
2023-08-22 20:23
http://sequoia.apple.com
AntiDebug
AntiVM
MSOffice File
PNG Format
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
sequoia.apple.com(3.35.192.133)
3.35.192.133
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
4.8
d0bbART
9203
2023-08-22 20:20
http://p2.shared.global.fastly...
AntiDebug
AntiVM
PNG Format
MSOffice File
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
1
http://p2.shared.global.fastly.net/
2
p2.shared.global.fastly.net(151.101.2.49)
146.75.50.49
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.8
d0bbART
9204
2023-08-22 20:07
http://www.assistenza-clienti....
453be115b7e506439875638f182502da
AntiDebug
AntiVM
PNG Format
MSOffice File
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
1
http://www.assistenza-clienti.it/
2
www.assistenza-clienti.it(162.159.134.42)
162.159.134.42 - mailcious
2
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.8
d0bbART
9205
2023-08-22 18:09
isoHost.exe
57acf09a959e5044663f82d39ea75a34
Malicious Library
UPX
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
2.2
M
44
ZeroCERT
9206
2023-08-22 18:08
svchost.dll
2f1b494814807d3344b483d97ad497fb
Malicious Library
UPX
Antivirus
OS Processor Check
PE File
DLL
PE32
VirusTotal
Malware
1.8
53
ZeroCERT
9207
2023-08-22 18:07
igfxEM.exe
114447fa6f663aed141feeb4dc72f9fa
.NET framework(MSIL)
PWS
SMTP
KeyLogger
AntiDebug
AntiVM
PE File
.NET EXE
PE32
Browser Info Stealer
FTP Client Info Stealer
VirusTotal
Email Client Info Stealer
Malware
PDB
suspicious privilege
Code Injection
Check memory
Checks debugger
buffers extracted
unpack itself
Browser
Email
ComputerName
Software
crashed
9.4
M
23
ZeroCERT
9208
2023-08-22 18:07
isoHost.exe
22bc409a1262d97b5f1cb8e85bccd6a8
Malicious Library
UPX
OS Processor Check
PE File
PE32
VirusTotal
Malware
unpack itself
2.2
M
50
ZeroCERT
9209
2023-08-22 18:02
UAV.doc
549b22eeb538376e7b2c63f30f137075
VBA_macro
ZIP Format
Word 2007 file format(docx)
VirusTotal
Malware
unpack itself
1.8
17
ZeroCERT
9210
2023-08-22 17:47
trxV9376
c901c8089c5e017f8e9b4b15c8ef154f
Malicious Library
UPX
Malicious Packer
OS Processor Check
PE File
DLL
PE64
DllRegisterServer
dll
VirusTotal
Malware
unpack itself
Remote Code Execution
2.2
M
54
guest
Total : 48,166cnts