No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc |
---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2023-08-16 17:48 |
amday.exe aa486e83365ae67a5778758685ca4d6f Amadey UPX .NET framework(MSIL) Malicious Library Admin Tool (Sysinternals etc ...) Http API HTTP Code injection Internet API AntiDebug AntiVM .NET EXE PE File PE32 Lnk Format GIF Format VirusTotal Malware AutoRuns PDB suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Windows ComputerName DNS |
1
|
1 | 1 | 12.2 | M | 32 | ZeroCERT |
2 | 2023-01-19 12:38 |
svcrun.exe ca75120570056492d53d682e9b90f94c UPX .NET EXE PE File PE64 VirusTotal Malware unpack itself Remote Code Execution crashed |
1.8 | M | 16 | ZeroCERT |