No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
---|---|---|---|---|---|---|---|---|---|---|---
1 | 2021-05-12 12:09 | Driveradamson.exe ccc7803389733e45ce179ae208242269 AgentTesla AsyncRAT backdoor PWS .NET framework Malicious Library Antivirus Sniff Audio KeyLogger ScreenShot DGA DNS Socket Create Service HTTP Escalate priviledges FTP Code injection Http API Internet API Steal credential Downloader P2P AntiDebug AntiVM VirusTotal Malware powershell AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName DNS Cryptographic key | | | | | 15.2 | M | 46 | ZeroCERT |