Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | April 29, 2021, 10:18 p.m. | April 29, 2021, 10:20 p.m. |
pxplay.exe C:\Users\test22\AppData\Local\Temp\mvuFF29.tmp\pxplay.exe -stub C:\Users\test22\AppData\Local\Temp\download.blog,""
8708
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
172.217.25.14 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
packer | Armadillo v1.71 |
file | C:\Users\test22\AppData\Local\Temp\mvuFF29.tmp\pxplay.exe |
file | C:\Users\test22\AppData\Local\Temp\mvuFF29.tmp\ddt.dnt |
file | C:\Users\test22\AppData\Local\Temp\mvuFF29.tmp\pxplay.exe |
host | 172.217.25.14 |
file | C:\Users\test22\AppData\Local\Temp\mvuFF29.tmp |
file | C:\Users\test22\AppData\Local\Temp\mvuFF29.tmp\pxplay.exe |
McAfee | Artemis!0E65369CE84E |
AegisLab | Virus.Win32.Virut.n!c |
Sangfor | Virus.Win32.Virut.A |
K7AntiVirus | Riskware ( 0040eff71 ) |
K7GW | Riskware ( 0040eff71 ) |
Kaspersky | UDS:Virus.Win32.Virut.a |
Alibaba | Virus:Win32/Virut.c5f0fcc2 |
NANO-Antivirus | Trojan.Win32.DownLoad2.epaaqp |
Avast | FileRepMalware |
Rising | Virus.Virut!8.44 (CLOUD) |
McAfee-GW-Edition | Artemis |
Sophos | Mal/Generic-S |
Microsoft | Program:Win32/Wacapew.C!ml |
GData | Win32.Worm.Bobax.7F6CRN |
VBA32 | Virus.Win32.Virut.A |
Ikarus | Worm.Win32.Bobax |
Fortinet | W32/PossibleThreat |
AVG | FileRepMalware |