No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
---|---|---|---|---|---|---|---|---|---|---|---
1 | 2021-07-13 09:50 | myfile.exe c7364193b982c090d8426630dab87226 RedLine Stealer Admin Tool (Sysinternals etc ...) Code injection ScreenShot persistence AntiDebug AntiVM PE File PE32 DLL OS Processor Check VirusTotal Malware Buffer PE PDB Code Injection Checks debugger buffers extracted Creates executable files unpack itself AppData folder Remote Code Execution | 8.6 | 24 | ZeroCERT