No | Date | Request | Urls | Hosts | IDS | Rule | Score | Zero | VT | Player | Etc
---|---|---|---|---|---|---|---|---|---|---|---
1 | 2021-07-07 17:44 | IMG_89133.exe cf88a7f5c3dfd0501d80e443827a44fe PWS .NET framework RAT Generic Malware PE File .NET EXE PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself crashed | | | | | 2.8 | M | 29 | guest |
2 | 2021-04-28 18:31 | IMG_88134.exe 4d0b19cd29e6c8ce724607b85771de8d AsyncRAT backdoor Antivirus AntiDebug AntiVM PE File PE32 .NET EXE Browser Info Stealer FTP Client Info Stealer VirusTotal Malware powershell suspicious privilege Code Injection Malicious Traffic Check memory Checks debugger buffers extracted Creates shortcut Creates executable files unpack itself Windows utilities Disables Windows Security Collect installed applications powershell.exe wrote Check virtual network interfaces suspicious process AppData folder sandbox evasion WriteConsoleW installed browsers check Tofsee Windows Browser ComputerName DNS Cryptographic key Software crashed | 4 | 5 | 3 | 2 | 18.2 | M | 17 | ZeroCERT |