Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
961
2024-08-18 10:28
https://casa13.pt.org.br/
AntiDebug
AntiVM
MSOffice File
PNG Format
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
casa13.pt.org.br(140.238.238.160)
168.75.82.220
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
3.8
guest
962
2024-08-18 10:21
https://x.com/
1911a4b09af1e5212912f6e1115e5306
Downloader
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PNG Format
MSOffice File
JPEG Format
VirusTotal
Malware
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
malicious URLs
Tofsee
Windows
Exploit
DNS
crashed
2
x.com(104.244.42.129) - compromised
104.244.42.65 - suspicious
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.6
guest
963
2024-08-18 10:17
msedge.exe
30e74327b4f7bc2e556ac0a6d8e02dd2
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
PE64
OS Processor Check
PDB
Remote Code Execution
0.6
guest
964
2024-08-18 10:15
W10DigitalActivation_x64.iso
89bd10832539a85ef8557b8976a38207
AntiDebug
AntiVM
Check memory
Checks debugger
unpack itself
1.2
guest
965
2024-08-18 10:08
L3250_L3251_Lite_LA.exe
23b9be57494e761584989265e5a2dcf3
Emotet
Gen1
Schwerer
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE File
PE32
MZP Format
PNG Format
DLL
OS Processor Check
JPEG Format
icon
PE64
Malware
Malicious Traffic
Check memory
Checks debugger
RWX flags setting
unpack itself
AppData folder
Tofsee
ComputerName
DNS
1
https://download.ebz.epson.net/dsc/du/01/DriverUpdateInfo?PR=SW&CTI=61&LG2=E2
6
download.ebz.epson.net(23.210.36.144)
files.support.epson.com(45.60.49.158)
plg3-research.epson.biz(54.192.175.13)
54.192.175.13
45.60.49.158
23.36.220.145
3
ET INFO Observed DNS Query to .biz TLD
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.4
guest
966
2024-08-18 10:08
L3250_L3251_Lite_LA.exe
23b9be57494e761584989265e5a2dcf3
Emotet
Gen1
Schwerer
Generic Malware
Malicious Library
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
PE File
PE32
MZP Format
PNG Format
DLL
OS Processor Check
JPEG Format
icon
PE64
Malware
Malicious Traffic
Check memory
Checks debugger
RWX flags setting
unpack itself
AppData folder
Tofsee
ComputerName
DNS
1
https://download.ebz.epson.net/dsc/du/01/DriverUpdateInfo?PR=SW&CTI=61&LG2=E2
6
download.ebz.epson.net(23.210.36.144)
files.support.epson.com(45.60.49.158)
plg3-research.epson.biz(54.192.175.72)
54.192.175.24
45.60.49.158
104.94.216.97
3
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO Observed DNS Query to .biz TLD
3.8
guest
967
2024-08-18 10:03
alanne L3150_Lite_LA.exe
e804d30fec2f2c8f51417273192d4c3a
Gen1
Malicious Library
UPX
PE File
PE32
MZP Format
OS Processor Check
PE64
Check memory
Checks debugger
unpack itself
AppData folder
crashed
2.2
guest
968
2024-08-18 09:58
SSD-Z.exe
dc6e1b46c89572020133463ec43ca414
Downloader
Malicious Library
Malicious Packer
UPX
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
P2P
AntiDebug
AntiVM
PE Fil
Check memory
unpack itself
malicious URLs
AntiVM_Disk
anti-virtualization
VM Disk Size Check
2.6
1
guest
969
2024-08-18 09:53
eagleget-2-1-6-50.exe
e96dd956bc2159ff1d073876ef5d4e58
Gen1
Generic Malware
Downloader
task schedule
Malicious Library
UPX
Antivirus
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Hijack Network
Sniff Audio
HTTP
DNS
Code injection
Internet API
persistence
FTP
KeyLogger
suspicious privilege
Check memory
Checks debugger
WMI
Creates executable files
unpack itself
Windows utilities
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
5.0
16
guest
970
2024-08-18 06:48
Feliz natal.docx
7ecabc55cb0e6b0893102fb1d368b34e
Word 2007 file format(docx)
ZIP Format
Vulnerability
unpack itself
1.8
guest
971
2024-08-18 02:39
APP do PT.url
d5bc3c4d57a844636c1bcd3ed5d7fb1f
AntiDebug
AntiVM
URL Format
MSOffice File
PNG Format
JPEG Format
Code Injection
RWX flags setting
exploit crash
unpack itself
Windows utilities
Tofsee
Windows
Exploit
DNS
crashed
2
app.pt.org.br(140.238.238.160)
140.238.238.160
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
4.2
guest
972
2024-08-18 02:13
MediaCreationTool_Win11_23H2.e...
25c9285c00ef7d41b28823a053a9a372
Gen1
Generic Malware
Malicious Library
Malicious Packer
UPX
PE File
CAB
PE32
PDB
Remote Code Execution
1.0
guest
973
2024-08-17 23:19
cpuz.exe
933612be98b1de1b5fb119a6b30e84db
Emotet
Gen1
Generic Malware
Malicious Library
Malicious Packer
ASPack
UPX
PE File
PE64
OS Processor Check
PDB
suspicious privilege
Check memory
Checks debugger
Creates shortcut
unpack itself
Auto service
Firewall state off
anti-virtualization
Tofsee
Windows
ComputerName
Firmware
2
download.cpuid.com(195.154.81.43)
195.154.81.43
2
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO TLS Handshake Failure
6.0
guest
974
2024-08-17 23:19
OInstall_x64.exe
0ecb6ffe27ff59289f07d7097a7b36e8
Gen1
Emotet
Generic Malware
PhysicalDrive
task schedule
Downloader
Malicious Library
Antivirus
UPX
Malicious Packer
Admin Tool (Sysinternals etc ...)
[C] OS
Socket
DGA
Http API
ScreenShot
Escalate priviledges
PWS
Hijack Network
HTTP
DNS
Internet API
persi
powershell
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
9.4
guest
975
2024-08-17 23:18
OInstallLite_x64.exe
eac3a81a4d8b10eb2c8bc8b87cbb252e
Gen1
Emotet
Generic Malware
Downloader
task schedule
Malicious Library
Antivirus
UPX
Admin Tool (Sysinternals etc ...)
Malicious Packer
[C] OS
Create Service
Socket
DGA
Http API
ScreenShot
Escalate priviledges
Steal credential
PWS
Sniff Audio
HTTP
DNS
Cod
powershell
Buffer PE
suspicious privilege
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
unpack itself
Windows utilities
powershell.exe wrote
suspicious process
AppData folder
malicious URLs
WriteConsoleW
Windows
ComputerName
Cryptographic key
crashed
10.0
guest
Total : 48,199cnts