Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | July 7, 2021, 10:27 a.m. | July 7, 2021, 10:29 a.m. |
-
autosubplayer.exe "C:\Users\test22\AppData\Local\Temp\autosubplayer.exe"
2388
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .ndata |
file | C:\Users\test22\AppData\Local\Temp\nso64A0.tmp\nsDialogs.dll |
file | C:\Users\test22\AppData\Local\Temp\nso64A0.tmp\System.dll |
file | C:\Users\test22\AppData\Local\Temp\nso64A0.tmp\System.dll |
file | C:\Users\test22\AppData\Local\Temp\nso64A0.tmp\nsDialogs.dll |
section | {u'size_of_data': u'0x00006a00', u'virtual_address': u'0x0000b000', u'entropy': 7.299408808107717, u'name': u'.rdata', u'virtual_size': u'0x000069d8'} | entropy | 7.29940880811 | description | A section with a high entropy has been found |
Bkav | W32.AIDetect.malware1 |
Cynet | Malicious (score: 99) |
Kaspersky | HEUR:Trojan-Downloader.Win32.Bitser.gen |
DrWeb | Trojan.Wdfload.508 |
McAfee-GW-Edition | BehavesLike.Win32.Dropper.rc |
Avira | HEUR/AGEN.1138824 |
Microsoft | Trojan:Win32/Wacatac.B!ml |
Rising | Trojan.PSRunner/NSIS!1.D5F9 (CLASSIC) |
Fortinet | NSIS/Bitser.BD3!tr |
AVG | Win32:Evo-gen [Susp] |
Avast | Win32:Evo-gen [Susp] |
Qihoo-360 | HEUR/QVM20.1.69AD.Malware.Gen |