Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Oct. 14, 2021, 5:18 p.m. | Oct. 14, 2021, 5:31 p.m. |
Process | Command line | PID |
---|---|---|
monero-bandit.exe | C:\Users\test22\AppData\Local\Temp\monero-bandit.exe | 2972 |
Name | Response | Post-Analysis Lookup |
---|---|---|
pool.supportxmr.com | CNAME pool-fr.supportxmr.com | 37.187.95.110 |
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
TCP 192.168.56.101:49202 -> 37.187.95.110:5555 | 2024792 | ET POLICY Cryptocurrency Miner Checkin | Potential Corporate Privacy Violation |
Suricata TLS
No Suricata TLS
Field | Value |
---|---|
section | name .rdata, virtual_address 0x00002000, virtual_size 0x0020b887, size_of_data 0x0020ba00, entropy 7.9998634116905425 |
entropy | 7.99986341169 |
description | A section with a high entropy has been found |
entropy | 0.998093876579 |
description | Overall entropy of this PE file is high |
Antivirus | Result |
---|---|
Lionic | Trojan.Win32.Inject.4!c |
Elastic | malicious (high confidence) |
DrWeb | Trojan.InjectNET.14 |
MicroWorld-eScan | Trojan.GenericKDZ.78431 |
FireEye | Generic.mg.342ef4f2941187bd |
CAT-QuickHeal | Trojan.Inject |
ALYac | Trojan.GenericKDZ.78431 |
Cylance | Unsafe |
Sangfor | Trojan.Win64.Donut.bcy |
K7AntiVirus | Trojan ( 005886841 ) |
Alibaba | Trojan:Win64/Donut.eaa89c76 |
K7GW | Trojan ( 005886841 ) |
CrowdStrike | win/malicious_confidence_100% (W) |
Cyren | W64/Donut.A.gen!Eldorado |
ESET-NOD32 | a variant of Win32/Agent_AGen.AP |
Paloalto | generic.ml |
Kaspersky | Trojan.Win64.Donut.bcy |
BitDefender | Trojan.GenericKDZ.78431 |
Avast | Win64:TrojanX-gen [Trj] |
Tencent | Win64.Trojan.Donut.Lhdm |
Ad-Aware | Trojan.GenericKDZ.78431 |
Sophos | Mal/Generic-S |
McAfee-GW-Edition | Artemis!Trojan |
Emsisoft | Trojan.Agent (A) |
Jiangmin | Trojan.Donut.hx |
Avira | TR/Redcap.llrgw |
MAX | malware (ai score=100) |
Gridinsoft | Trojan.Win64.Agent.vb |
Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
GData | Trojan.GenericKDZ.78431 |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win.Generic.R444169 |
McAfee | Artemis!342EF4F29411 |
VBA32 | Trojan.Inject |
Malwarebytes | Trojan.Agent.Generic |
TrendMicro-HouseCall | TROJ_GEN.R002C0WJ821 |
Yandex | Trojan.Donut!KcD8mNL7U4c |
Ikarus | Trojan.Win32.Agent_agen |
Fortinet | W64/AgentAGen.AP!tr |
Webroot | W32.Trojan.Gen |
AVG | Win64:TrojanX-gen [Trj] |