Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | April 8, 2021, 9:15 a.m. | April 8, 2021, 9:41 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .gfids |
section | {u'size_of_data': u'0x00007c00', u'virtual_address': u'0x0002f000', u'entropy': 7.711559631072084, u'name': u'.data', u'virtual_size': u'0x00008e00'} | entropy | 7.71155963107 | description | A section with a high entropy has been found |
Elastic | malicious (high confidence) |
FireEye | Generic.mg.a062400119a4a2b8 |
Cybereason | malicious.dde99b |
APEX | Malicious |
Avast | FileRepMalware |
McAfee-GW-Edition | BehavesLike.Win64.Dropper.dh |
Webroot | W32.Malware.Gen |
Microsoft | Trojan:Win32/Casdet!rfn |
Cynet | Malicious (score: 100) |
McAfee | Artemis!A062400119A4 |
AVG | FileRepMalware |
CrowdStrike | win/malicious_confidence_70% (W) |