Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | July 9, 2021, 6:15 p.m. | July 9, 2021, 6:24 p.m. |
Process tree:

- cmd.exe (PID 872): "C:\Windows\System32\cmd.exe" /c start /wait "wtMqunxWtk" C:\Users\test22\AppData\Local\Temp\1a.txt
  - notepad.exe (PID 1304): "C:\Windows\system32\NOTEPAD.EXE" C:\Users\test22\AppData\Local\Temp\1a.txt
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Description | Rule |
---|---|
Take ScreenShot | ScreenShot |
(no description) | DebuggerCheck__GlobalFlags |
(no description) | DebuggerCheck__QueryInfo |
(no description) | DebuggerHiding__Thread |
(no description) | DebuggerHiding__Active |
(no description) | ThreadControl__Context |
(no description) | SEH__vectored |
Checks if being debugged | anti_dbg |
Bypass DEP | disable_dep |
host | 172.67.188.154 |
Vendor | Detection |
---|---|
Lionic | Trojan.Linux.Xarcen.9!c |
MicroWorld-eScan | Trojan.Linux.Agent.IPF |
FireEye | Trojan.Linux.Agent.IPF |
ALYac | Trojan.Linux.Agent.IPF |
Zillya | Trojan.Xorddos.Linux.91 |
Sangfor | Suspicious.Linux.Save.a |
Symantec | Linux.Xorddos |
ESET-NOD32 | a variant of Linux/Xorddos.P |
TrendMicro-HouseCall | ELF_XORDDOS.SM |
Avast | ELF:Xorddos-M [Trj] |
ClamAV | Unix.Trojan.Xorddos-7644452-0 |
Kaspersky | HEUR:Trojan-DDoS.Linux.Xarcen.d |
BitDefender | Trojan.Linux.Agent.IPF |
NANO-Antivirus | Trojan.Elf32.Xarcen.hfirtk |
Tencent | Trojan-Ddos.Linux.Xarcen.a |
Ad-Aware | Trojan.Linux.Agent.IPF |
Sophos | Linux/DDoS-BH |
Comodo | Malware@#54cl3vl8qprt |
DrWeb | Linux.DDoS.86 |
TrendMicro | ELF_XORDDOS.SM |
McAfee-GW-Edition | Linux/DDoS-Xor.B |
Emsisoft | Trojan.Linux.Agent.IPF (B) |
SentinelOne | Static AI - Malicious ELF |
GData | Trojan.Linux.Agent.IPF |
Jiangmin | TrojanDDoS.Linux.qc |
Avira | LINUX/Xorddos.mluqn |
Antiy-AVL | Trojan/Generic.ASELF.23E06 |
Microsoft | DoS:Linux/Xorddos!rfn |
ZoneAlarm | HEUR:Trojan-DDoS.Linux.Xarcen.d |
Cynet | Malicious (score: 99) |
AhnLab-V3 | Linux/Xarcen.Gen |
McAfee | Linux/DDoS-Xor.B |
MAX | malware (ai score=100) |
Rising | Trojan.XorDDoS/Linux!1.A3E4 (CLASSIC) |
Ikarus | Trojan.Linux.Xorddos |
Fortinet | ELF/Xorddos.D!tr |
AVG | ELF:Xorddos-M [Trj] |