| No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 2024-01-13 19:18 |
 one.exe bd94daa7872d164c29dcdf71a89b4771Client SW User Data Stealer LokiBot ftp Client info stealer Admin Tool (Sysinternals etc ...) .NET framework(MSIL) Malicious Library UPX Http API PWS Code injection AntiDebug AntiVM PE32 PE File MSOffice File .NET EXE DLL OS Processor Check VirusTotal Malware Telegram Buffer PE PDB MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself AppData folder malicious URLs Tofsee Windows ComputerName DNS Cryptographic key crashed |
2
|
5 | 3 | 12.6 | 37 | ZeroCERT | ||||||||||||||||
|
|
||||||||||||||||||||||||
- First
- 1
- Last
- Total : 1cnts