No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
---|---|---|---|---|---|---|---|---|---|---|---
1 | 2021-05-12 14:37 |
r1o.exe c71735c5ec39ab472178ab89a3ee7d35 Eredel Stealer Extended Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName Cryptographic key |
10.6 | M | 23 | r0d |
2 | 2021-05-12 12:16 |
r1o.exe c71735c5ec39ab472178ab89a3ee7d35 Antivirus .NET EXE PE File PE32 VirusTotal Malware powershell suspicious privilege Code Injection Check memory Checks debugger Creates shortcut Creates executable files ICMP traffic unpack itself Windows utilities Disables Windows Security powershell.exe wrote suspicious process AppData folder sandbox evasion WriteConsoleW Windows ComputerName DNS Cryptographic key |
1 | 12.0 | M | 23 | ZeroCERT |