Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | June 25, 2021, 9:57 a.m. | June 25, 2021, 10:54 a.m. |
-
-
fcrtrtosk.exe "C:\Users\test22\AppData\Local\Temp\fcrtrtosk.exe"
2864
-
Name | Response | Post-Analysis Lookup |
---|---|---|
houseluxury-re.ch | 80.88.87.243 |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid |
section | .ndata |
suspicious_features | POST method with no referer header | suspicious_request | POST http://houseluxury-re.ch/toskulo/PL341/index.php |
request | POST http://houseluxury-re.ch/toskulo/PL341/index.php |
request | GET http://houseluxury-re.ch/cgi-sys/suspendedpage.cgi |
request | POST http://houseluxury-re.ch/toskulo/PL341/index.php |
file | C:\Users\test22\AppData\Local\Temp\nstFE20.tmp\System.dll |
file | C:\Users\test22\AppData\Local\Temp\nstFE20.tmp\System.dll |
host | 172.217.25.14 |
DrWeb | Trojan.Loader.843 |
MicroWorld-eScan | Gen:Variant.Bulz.522931 |
FireEye | Gen:Variant.Bulz.522931 |
CAT-QuickHeal | Trojan.Injects |
ALYac | Gen:Variant.Bulz.522931 |
Cylance | Unsafe |
Sangfor | Riskware.Win32.Agent.ky |
K7AntiVirus | Trojan ( 0057e2dc1 ) |
Alibaba | Trojan:Win32/FormBook.5a31e2a5 |
K7GW | Trojan ( 0057e2dc1 ) |
Cyren | W32/Ninjector.J.gen!Camelot |
Symantec | Packed.Generic.610 |
ESET-NOD32 | NSIS/Injector.AMJ |
APEX | Malicious |
Avast | Win32:Malware-gen |
ClamAV | Win.Trojan.Tnega-9874034-0 |
Kaspersky | HEUR:Trojan.Win32.Injects.gen |
BitDefender | Gen:Variant.Bulz.522931 |
Ad-Aware | Gen:Variant.Bulz.522931 |
Emsisoft | Gen:Variant.Bulz.522931 (B) |
Comodo | Malware@#dd96r0bpc22x |
VIPRE | Trojan.Win32.Generic!BT |
TrendMicro | TROJ_GEN.R049C0DFK21 |
McAfee-GW-Edition | RDN/Generic Dropper |
Sophos | Mal/Generic-S |
Avira | TR/AD.MoksSteal.fkvqr |
MAX | malware (ai score=88) |
Kingsoft | Win32.Troj.Undef.(kcloud) |
Microsoft | Trojan:Win32/FormBook.AM!MTB |
Gridinsoft | Trojan.Win32.Downloader.sa |
Arcabit | Trojan.Bulz.D7FAB3 |
AegisLab | Trojan.Win32.Injects.4!c |
GData | Gen:Variant.Bulz.522931 |
Cynet | Malicious (score: 99) |
AhnLab-V3 | Trojan/Win.Tnega.R426262 |
McAfee | RDN/Generic Dropper |
VBA32 | BScope.Trojan-Dropper.Injector |
Malwarebytes | Spyware.LokiBot |
TrendMicro-HouseCall | TROJ_GEN.R049C0DFK21 |
Rising | Trojan.Injector/NSIS!1.D743 (CLASSIC) |
Fortinet | W32/Kryptik.J!tr |
Webroot | W32.Malware.Gen |
AVG | Win32:Malware-gen |
Panda | Trj/CI.A |
CrowdStrike | win/malicious_confidence_100% (W) |