Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | April 5, 2021, 10:47 a.m. | April 5, 2021, 10:47 a.m. |
Process | Command line | PID |
---|---|---|
rundll32.exe | "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\1.dll,DF | 2948 |
rundll32.exe | "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\1.dll, | 1824 |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Elastic | malicious (high confidence) |
DrWeb | Trojan.DownLoader38.22243 |
MicroWorld-eScan | Trojan.GenericKD.46015592 |
FireEye | Generic.mg.5512180f20e8279a |
ALYac | Trojan.GenericKD.46015592 |
Sangfor | Trojan.Win32.Wacatac.B |
K7GW | Trojan ( 0057a28d1 ) |
CrowdStrike | win/malicious_confidence_100% (W) |
BitDefenderTheta | Gen:NN.ZedlaF.34670.eq4@aqnXp8d |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Generik.IFNXACC |
APEX | Malicious |
Avast | Win32:Trojan-gen |
Kaspersky | Trojan.Win32.Crypt.akup |
BitDefender | Trojan.GenericKD.46015592 |
Paloalto | generic.ml |
Rising | Malware.Undefined!8.C (CLOUD) |
Ad-Aware | Trojan.GenericKD.46015592 |
Sophos | Mal/Generic-S |
Comodo | Malware@#3aghijb709ur4 |
VIPRE | Trojan.Win32.Generic!BT |
McAfee-GW-Edition | RDN/GenericM |
Emsisoft | Trojan.GenericKD.46015592 (B) |
Avira | TR/Crypt.ncsiy |
MAX | malware (ai score=82) |
Kingsoft | Win32.Troj.Undef.(kcloud) |
Microsoft | Trojan:Win32/Wacatac.B!ml |
AegisLab | Trojan.Win32.Crypt.4!c |
GData | Trojan.GenericKD.46015592 |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win.Generic.C4403057 |
McAfee | RDN/GenericM |
Ikarus | Trojan.SuspectCRC |
Fortinet | W32/Generik.IFNXACC!tr |
AVG | Win32:Trojan-gen |
Panda | Trj/GdSda.A |
Qihoo-360 | Win32/Trojan.Crypt.HygBWCcA |