No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2021-05-12 09:37 |
aclarck.txt 2e0d574bf00170bb5a448510c2226408 AsyncRAT backdoor PWS .NET framework Antivirus HTTP Code injection Http API Internet API AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself powershell.exe wrote suspicious process WriteConsoleW Windows ComputerName Cryptographic key |
10.4 | 47 | ZeroCERT | |||||||||||||||||||
|