No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2021-07-04 11:06 |
paypall.exe 66b4e1480891e217a8d38d63db386ca4NPKI Malicious Library UPX DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Hijack Network Code injection Http API Internet API Steal credential ScreenShot Downloader P2P persistence AntiDebug AntiVM PE File PE32 OS Proces Malware download VirusTotal Malware Buffer PE AutoRuns Code Injection Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities suspicious process AppData folder malicious URLs AntiVM_Disk WriteConsoleW VM Disk Size Check SectopRAT Windows ComputerName DNS |
2 | 1 | 13.6 | 22 | ZeroCERT | |||||||||||||||||
|