Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | May 26, 2021, 8:59 a.m. | May 26, 2021, 9:02 a.m. |
-
richedit.exe "C:\Users\test22\AppData\Local\Temp\richedit.exe"
1108
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | CODE |
section | DATA |
section | BSS |
name | RT_ICON | language | LANG_CHINESE | filetype | dBase IV DBT of @.DBF, block length 512, next free block index 40, next free block 4294967192, next used block 128 | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x00065610 | size | 0x000002e8 | ||||||||||||||||||
name | RT_GROUP_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0006b37c | size | 0x00000014 | ||||||||||||||||||
name | RT_VERSION | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0006b390 | size | 0x000002d0 |
DrWeb | Trojan.DownLoad4.8537 |
MicroWorld-eScan | Backdoor.Generic.621674 |
FireEye | Backdoor.Generic.621674 |
McAfee | Generic PWS.y!dci |
Cylance | Unsafe |
Sangfor | Riskware.Win32.Agent.ky |
Cybereason | malicious.cab1dc |
Symantec | Trojan.Gen.2 |
APEX | Malicious |
ClamAV | Win.Trojan.Agent-895210 |
Kaspersky | UDS:DangerousObject.Multi.Generic |
BitDefender | Backdoor.Generic.621674 |
NANO-Antivirus | Trojan.Win32.QQMusic.dgryww |
AegisLab | Trojan.Win32.Generic.4!c |
Tencent | Win32.Trojan.Psw.Pgwl |
Ad-Aware | Backdoor.Generic.621674 |
Emsisoft | Backdoor.Generic.621674 (B) |
VIPRE | Trojan.Win32.Generic!BT |
McAfee-GW-Edition | Generic PWS.y!dci |
MaxSecure | Trojan.Malware.300983.susgen |
MAX | malware (ai score=99) |
Antiy-AVL | Trojan/Generic.ASMalwS.85BEB6 |
Microsoft | Trojan:Win32/Occamy.CC4 |
GData | Backdoor.Generic.621674 |
VBA32 | Trojan.Download |
ALYac | Backdoor.Generic.621674 |
Rising | Trojan.Bitrep!8.F596 (CLOUD) |
Yandex | Trojan.PWS.QQMusic!Cp0N0fXtH4o |
Fortinet | PWS_y.DCI!tr |
Webroot | W32.Malware.Gen |
Panda | Trj/CI.A |