# ZSecEye

> Malware sample analysis and threat intelligence portal.

## What this site provides
- Sample analysis reports (IOC, C2, behavior, family attribution)
- Search by MD5, SHA256, or IPv4 address
- Machine-readable JSON metadata per report
- Atom RSS feed of published reports

## Key URLs
- Home: https://zseceye.com/
- RSS: https://zseceye.com/feeds/samples.xml
- Sitemap: https://zseceye.com/sitemap.xml
- Report HTML: https://zseceye.com/report/{report-id}
- Report JSON: https://zseceye.com/report/{report-id}.json
- Hash lookup: https://zseceye.com/hash/{md5-or-sha256}
- Search: https://zseceye.com/?q={md5|sha256|ipv4}

## Example lookups
- https://zseceye.com/hash/adfff8f7d617143b73b21d7e3c23cb7f
- https://zseceye.com/?q=adfff8f7d617143b73b21d7e3c23cb7f

## Recent reports
- https://zseceye.com/report/20260603-0a2b7335-PE-CredStealer
  JSON: https://zseceye.com/report/20260603-0a2b7335-PE-CredStealer.json
  Hash: https://zseceye.com/hash/adfff8f7d617143b73b21d7e3c23cb7f
  SOUOIEZpuaM / Go CredStealer (eq.io) · MD5:adfff8f7d617143b73b21d7e3c23cb7f
  Summary: Go 编译的凭证窃取木马 (SOUOIEZpuaM 项目, eq.io 模块)，通过 WebSocket C2 渗出窃取的凭据。目标覆盖 Chrome/Edge/Brave/Opera/Vivaldi/Chromium/Firefox 等…
- https://zseceye.com/report/20260603-28ad8bea-PE-Mozi-CN
  JSON: https://zseceye.com/report/20260603-28ad8bea-PE-Mozi-CN.json
  Hash: https://zseceye.com/hash/a5ba73839257796a04cce3266cb96b9c
  Mozi / Revolution RAT (GitHub: nosyliam/revolution) · MD5:a5ba73839257796a04cce3266cb96b9c
  Summary: 基于 GitHub 开源项目 nosyliam/revolution 编译的 Windows 远程访问木马 (RAT)。集成 Direct3D11 GPU 屏幕捕获、WireGuard VPN 隧道、Protobuf 序列化 C2 协议。…