No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc |
---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2023-07-25 18:57 |
scand548226.exe 92899ca104e6ac22954956977522eebb RedLine stealer PWS AntiDebug AntiVM BitCoin .NET EXE PE File PE32 VirusTotal Malware AutoRuns Code Injection Check memory Checks debugger buffers extracted Creates executable files ICMP traffic unpack itself Windows utilities Check virtual network interfaces suspicious process AppData folder Windows ComputerName DNS Cryptographic key |
1 | 13.4 | M | 37 | ZeroCERT |
2 | 2023-07-25 18:50 |
scania54646.exe e1f944688e00a6753e1dfa4e5d8a7670 Generic Malware Antivirus PWS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware AutoRuns suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities suspicious process AppData folder WriteConsoleW Windows ComputerName Cryptographic key |
12.8 | M | 52 | ZeroCERT |