Home
Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide
2020-06-10
Version history
2020-06-10
login
popup
Submissions
10
15
20
50
Request
Connection
hash(md5,sha256)
Signature
PE API
Tag or IDS
Icon
user nickname
Date range button:
Date range picker
First seen:
Last seen:
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2023-05-15 08:55
bild6.exe
21eab81729333b160786a2de1b1e621d
RedLine stealer[m]
PWS
.NET framework
RAT
Generic Malware
Downloader
UPX
Malicious Library
Antivirus
Confuser .NET
Create Service
DGA
Socket
DNS
Code injection
HTTP
PWS[m]
Sniff Audio
Steal credential
Http API
P2P
Internet API
Escalate priviledges
FTP
Key
Browser Info Stealer
VirusTotal
Malware
Cryptocurrency wallets
Cryptocurrency
Telegram
AutoRuns
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
Creates shortcut
Creates executable files
ICMP traffic
unpack itself
Windows utilities
Collect installed applications
Check virtual network interfaces
suspicious process
AppData folder
WriteConsoleW
IP Check
installed browsers check
Tofsee
Ransomware
Windows
Browser
ComputerName
DNS
Cryptographic key
crashed
2
Keyword trend analysis
×
Info
×
http://apps.identrust.com/roots/dstrootcax3.p7c
http://ip-api.com/line?fields=query
8
Info
×
archive.torproject.org(159.69.63.226)
api.telegram.org(149.154.167.220)
ip-api.com(208.95.112.1)
221.161.198.16
149.154.167.220
159.69.63.226
208.95.112.1
94.142.138.219
5
Info
×
ET INFO TLS Handshake Failure
ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)
ET POLICY External IP Lookup ip-api.com
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET HUNTING Telegram API Domain in DNS Lookup
14.8
M
52
ZeroCERT
First
1
Last
Total : 1cnts
Delete
×
Do you want to delete it?
View
×
Insert
×
http
domains
hosts
ips
Memo
Tag
Alert
×
Insert error....
keyword
