| No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 2023-09-26 19:44 |
 amday.exe 010a01d7d42e46870c9b44781256dcc8Amadey Downloader Admin Tool (Sysinternals etc ...) UPX MPRESS Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Hijack Network Sniff Audio HTTP DNS ScreenShot Code injection Internet API persistence FTP KeyLogger AntiDebug Malware download Amadey VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Checks Bios Detects VirtualBox Detects VMWare suspicious process malicious URLs WriteConsoleW VMware anti-virtualization Windows ComputerName Firmware DNS crashed |
2
|
3 | 5 | 1 | 18.4 | M | 56 | ZeroCERT | ||||||||||||||
|
|
||||||||||||||||||||||||
- First
- 1
- Last
- Total : 1cnts