No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2023-04-12 17:19 |
t40qOrtfDw5JAOa.exe bb3d8386c1b4be06c17f9fba69d87391 RedLine stealer[m] PWS .NET framework RAT Admin Tool (Sysinternals etc ...) PWS[m] ScreenShot BitCoin AntiDebug AntiVM .NET EXE PE32 PE File Browser Info Stealer FTP Client Info Stealer VirusTotal Malware PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder WriteConsoleW installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed |
2
|
3 | 2 | 15.0 | 32 | ZeroCERT | ||||||||||||||||
|