No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2024-01-30 08:00 |
ma.exe 9b3430f42a0fb00d014c2fa208662865North Korea task schedule Downloader Malicious Packer UPX Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection Internet API persistence FTP KeyLogger P2P AntiDebug AntiVM PE File PE64 AutoRuns suspicious privilege MachineGuid Code Injection Check memory Checks debugger Creates executable files unpack itself Windows utilities suspicious process malicious URLs WriteConsoleW Windows ComputerName Remote Code Execution crashed |
7.2 | M | ZeroCERT | |||||||||||||||||||
|