Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 9, 2021, 6:15 p.m. | July 9, 2021, 6:21 p.m. |
Process Tree

PID | Process | Command line |
---|---|---|
2416 | cmd.exe | "C:\Windows\System32\cmd.exe" /c start /wait "XdFAyoCbeA" C:\Users\test22\AppData\Local\Temp\1.txt |
2524 | notepad.exe | "C:\Windows\system32\NOTEPAD.EXE" C:\Users\test22\AppData\Local\Temp\1.txt |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Description | Rule |
---|---|
Take ScreenShot | ScreenShot |
(no description) | DebuggerCheck__GlobalFlags |
(no description) | DebuggerCheck__QueryInfo |
(no description) | DebuggerHiding__Thread |
(no description) | DebuggerHiding__Active |
(no description) | ThreadControl__Context |
(no description) | SEH__vectored |
Checks if being debugged | anti_dbg |
Bypass DEP | disable_dep |
Host |
---|
104.21.19.200 |
147.124.213.132 |
Engine | Detection |
---|---|
Lionic | Trojan.Linux.Xarcen.9!e |
MicroWorld-eScan | Trojan.Linux.Generic.182662 |
FireEye | Trojan.Linux.Generic.182662 |
ALYac | Trojan.Linux.Generic.182662 |
Sangfor | Suspicious.Linux.Save.a |
Cyren | E32/Xorddos.A.gen!Camelot |
Symantec | Linux.Xorddos |
ESET-NOD32 | a variant of Linux/Xorddos.C |
TrendMicro-HouseCall | ELF_XORDDOS.SM |
Avast | ELF:Xorddos-E [Trj] |
ClamAV | Unix.Trojan.DDoS_XOR-1 |
Kaspersky | HEUR:Trojan-DDoS.Linux.Xarcen.a |
BitDefender | Trojan.Linux.Generic.182662 |
NANO-Antivirus | Trojan.Elf32.Xarcen.eftmox |
Rising | Trojan.XorDDoS/Linux!1.A3E4 (CLASSIC) |
Ad-Aware | Trojan.Linux.Generic.182662 |
Emsisoft | Trojan.Linux.Generic.182662 (B) |
Comodo | Malware@#p1qhhl8kb8r4 |
DrWeb | Linux.DDoS.Xor.4 |
Zillya | Trojan.Xorddos.Linux.34 |
TrendMicro | ELF_XORDDOS.SM |
McAfee-GW-Edition | Linux/DDoS-Xor.A |
Sophos | Linux/DDoS-BH |
Ikarus | Trojan.Linux.DDoS |
Avast-Mobile | ELF:Xorddos-I [Trj] |
Jiangmin | TrojanDDoS.Linux.ff |
Avira | LINUX/Xorddos.cona |
Antiy-AVL | Trojan/Generic.ASELF.D64 |
Microsoft | Backdoor:Win32/Berbew |
Gridinsoft | Virus.U.Doser.oa |
ViRobot | Trojan.Linux.XorDDoS.B |
ZoneAlarm | HEUR:Trojan-DDoS.Linux.Xarcen.a |
GData | Trojan.Linux.Generic.182662 |
Cynet | Malicious (score: 99) |
AhnLab-V3 | Linux/Xorddos.625867 |
McAfee | Linux/DDoS-Xor.A |
MAX | malware (ai score=100) |
Tencent | Trojan.Linux.XorDdos.a |
SentinelOne | Static AI - Malicious ELF |
MaxSecure | Trojan.Malware.121218.susgen |
Fortinet | ELF/DDoS.BH!tr |
AVG | ELF:Xorddos-E [Trj] |
Panda | ELF/XorDDos.A |