No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2024-01-13 19:27 |
1.exe 61266f99271cd5605d384c2953ac4fbfAdmin Tool (Sysinternals etc ...) .NET framework(MSIL) Malicious Library UPX Socket ScreenShot Steal credential DNS Code injection AntiDebug AntiVM PE32 PE File MSOffice File .NET EXE DLL OS Processor Check Buffer PE PDB Code Injection Check memory Checks debugger buffers extracted Creates executable files unpack itself Detects VirtualBox AppData folder malicious URLs Windows ComputerName DNS Cryptographic key |
1 | 9.6 | M | ZeroCERT | ||||||||||||||||||
|