3ebce3a4.png| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6402 | June 24, 2021, 6:49 p.m. | June 24, 2021, 6:58 p.m. |
-
cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "fbhyyeBNoqZBA" C:\Users\test22\AppData\Local\Temp\3ebce3a4.png
2504
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 172.217.25.14 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| host | 172.217.25.14 | |||
| MicroWorld-eScan | Gen:Variant.Bulz.446252 |
| CAT-QuickHeal | Trojan.Convagent |
| Zillya | Trojan.Convagent.Win32.3606 |
| Arcabit | Trojan.Bulz.D6CF2C |
| Cyren | W64/Trojan.YKWW-0822 |
| Symantec | Trojan.Gen.MBT |
| ESET-NOD32 | multiple detections |
| TrendMicro-HouseCall | TrojanSpy.Win64.NOON.UHBAZCLOC |
| Avast | Win32:ExploitX-gen [Expl] |
| ClamAV | Win.Trojan.Bulz-9863763-0 |
| Kaspersky | Trojan.VBS.Agent.avh |
| BitDefender | Gen:Variant.Bulz.446252 |
| NANO-Antivirus | Trojan.Win64.Packed2.iwazfy |
| AegisLab | Trojan.VBS.Agent.4!c |
| Tencent | Win32.Trojan.Agentb.Wsae |
| Sophos | Mal/Generic-R |
| DrWeb | Trojan.Packed2.43111 |
| TrendMicro | TROJ_GEN.R002C0PFG21 |
| McAfee-GW-Edition | RDN/Generic.com |
| FireEye | Gen:Variant.Bulz.446252 |
| Emsisoft | Gen:Variant.Bulz.446252 (B) |
| Avira | TR/VB.Agent.gnhre |
| MAX | malware (ai score=81) |
| Microsoft | Trojan:Win32/Phonzy.A!ml |
| GData | Script.Trojan.PurpleFox.D |
| Cynet | Malicious (score: 99) |
| McAfee | RDN/Generic.com |
| VBA32 | Trojan.Packed |
| Rising | Trojan.PurpleFox/MSI!1.D10D (CLASSIC) |
| Ikarus | Trojan.Win32.VMProtect |
| Fortinet | W32/PossibleThreat |
| BitDefenderTheta | Gen:NN.ZedlaF.34758.rG4@aWpFvhd |
| AVG | Win32:ExploitX-gen [Expl] |