| No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 2024-10-08 21:47 |
 taskhostw.exe a3939099773cda5b2c94a6f1061ffa19Generic Malware Malicious Library .NET framework(MSIL) Antivirus PWS SMTP KeyLogger AntiDebug AntiVM PE File .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Email Client Info Stealer Malware powershell Telegram suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut unpack itself Windows utilities Collect installed applications powershell.exe wrote Check virtual network interfaces suspicious process WriteConsoleW IP Check installed browsers check Tofsee Windows Browser Email ComputerName DNS Cryptographic key DDNS Software crashed keylogger |
2
|
8 | 9 | 19.2 | M | 43 | ZeroCERT | |||||||||||||||
|
|
||||||||||||||||||||||||
- First
- 1
- Last
- Total : 1cnts