Submissions

No Date Request Urls Hosts IDS Rule Score Zero VT Player Etc
14896 2023-03-05 14:23 clip64.dll
f7ab2172748e041ae595f162af6b10e4
UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself
2.0 M 51 ZeroCERT

14897 2023-03-05 14:23 clip64.dll
c1ddaca25d84d05e809ffce1d2b468b7
UPX Admin Tool (Sysinternals etc ...) Malicious Library OS Processor Check DLL PE32 PE File VirusTotal Malware PDB Checks debugger unpack itself
2.0 M 53 ZeroCERT

14898 2023-03-05 09:51 http://121.231.224.30:41929/mo...
AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
1 2 5.2 guest

14899 2023-03-05 09:49 http://182.126.66.208:58739/i
PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
1 2 6.4 guest

14900 2023-03-05 09:46 http://125.41.5.251:54911/i
PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
1 2 6.4 guest

14901 2023-03-05 09:46 com.apple.messages.geometrycac...
3ba7d84c38de4a738146886b50f8cbc7
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName
3.4 BRY

14902 2023-03-05 09:44 Devices - A list of devices (i...
f45540e776c4390d1aa328ebfdd45ba9
PWS[m] ScreenShot KeyLogger AntiDebug AntiVM MachineGuid Checks debugger exploit crash unpack itself Windows Exploit Cryptographic key crashed
2.0 guest

14903 2023-03-05 09:44 Unzip.pm
aff6f4346b786032e8a690db3ce22049
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName DNS
4.0 guest

14904 2023-03-05 09:43 http://219.157.193.76:60210/mo...
AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
1 5.4 guest

14905 2023-03-05 09:42 enableFinderExtension.scpt
b5fa406d66ac613e726fd2b90b19d483
AntiDebug AntiVM Email Client Info Stealer suspicious privilege Checks debugger Creates shortcut unpack itself installed browsers check Browser Email ComputerName DNS
4.0 guest

14906 2023-03-05 09:42 http://36.33.215.3:36362/bin.s...
PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
1 2 6.4 guest

14907 2023-03-05 09:41 http://59.93.17.62:48422/Mozi....
AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
1 5.4 guest

14908 2023-03-05 09:40 http://113.116.43.242:46956/bi...
PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
1 2 7.0 guest

14909 2023-03-05 09:40 http://27.45.39.19:35273/Mozi....
PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
1 2 6.4 guest

14910 2023-03-05 09:40 http://183.161.226.39:41814/Mo...
AntiDebug AntiVM MSOffice File PNG Format JPEG Format VirusTotal Malware Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
1 5.4 guest