No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
---|---|---|---|---|---|---|---|---|---|---|---
1 | 2021-05-11 16:55 | cosmos.exe 810ae4ef26f40a3b18db460a7763bd8b AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows Cryptographic key | | | | | 8.6 | M | 27 | Kim.GS |
2 | 2021-05-11 10:59 | cosmos.exe 810ae4ef26f40a3b18db460a7763bd8b AsyncRAT backdoor PWS .NET framework Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows DNS Cryptographic key | | | | | 9.2 | M | 27 | ZeroCERT |
3 | 2021-05-11 09:10 | ALXxGkCQUwQUkab.exe 3bde41238c5520477847ab69aa014366 AsyncRAT backdoor PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware PDB Check memory Checks debugger unpack itself Windows Cryptographic key | | | | | 3.4 | M | 23 | ZeroCERT |