navitas_employee_survey.hta| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6402 | Sept. 22, 2021, 10:05 p.m. | Sept. 22, 2021, 10:26 p.m. |
-
mshta.exe "C:\Windows\System32\mshta.exe" C:\Users\test22\AppData\Local\Temp\navitas_employee_survey.hta
2024
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| www.healthsouthdothan.com |
CNAME
healthsouthdothan.com
|
13.59.208.38 |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| request | GET http://www.healthsouthdothan.com/components/tab_home.ico |
| request | GET http://www.healthsouthdothan.com/tab_home_active |
| DrWeb | MACRO.Virus |
| MicroWorld-eScan | VB:Trojan.Valyria.481 |
| FireEye | VB:Trojan.Valyria.481 |
| CAT-QuickHeal | VBS.Trojan.Script.38976 |
| McAfee | HTML/Injector.a |
| Symantec | Trojan.Malscript |
| ESET-NOD32 | Win32/Rozena.XZ |
| Avast | VBS:Agent-BTN [Trj] |
| ClamAV | Html.Trojan.CobaltStrike-7932564-0 |
| Kaspersky | Trojan.VBS.MacroDisable.b |
| BitDefender | VB:Trojan.Valyria.481 |
| NANO-Antivirus | Trojan.Script.Vbs-heuristic.druvzi |
| Rising | HackTool.MacroRunner/VBS!1.D1CA (CLASSIC) |
| Ad-Aware | VB:Trojan.Valyria.481 |
| Emsisoft | VB:Trojan.Valyria.481 (B) |
| McAfee-GW-Edition | BehavesLike.HTML.Backdoor.mr |
| Sophos | ATK/VBSInj-C |
| MAX | malware (ai score=83) |
| Microsoft | Trojan:VBS/Valyria.A!MSR |
| GData | VB:Trojan.Valyria.481 |
| ALYac | VB:Trojan.Valyria.481 |
| Tencent | Html.Win32.Script.504167 |
| Ikarus | Trojan.VB.Valyria |
| Fortinet | VBS/Rozena.XZ!tr |
| AVG | VBS:Agent-BTN [Trj] |