No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
---|---|---|---|---|---|---|---|---|---|---|---
1 | 2021-09-14 10:06 | qu2.exe a8ea59af5d4d2b6d07e62e9e26b9259d | 2 | 5 | 3 | Emotet Gen2 RAT PWS .NET framework Generic Malware Themida Packer Malicious Packer Anti_VM Malicious Library UPX PE File OS Processor Check .NET EXE PE32 Browser Info Stealer FTP Client Info Stealer VirusTotal Malware suspicious privilege Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Checks Bios Collect installed applications Detects VMWare Check virtual network interfaces AppData folder suspicious TLD VMware anti-virtualization installed browsers check Tofsee Windows Browser ComputerName Remote Code Execution Firmware DNS Cryptographic key Software crashed | 13.8 | M | 26 | ZeroCERT |