Summary | ZeroBOX

c54893932feb406033f276e4e924ea33.exe

UPX Malicious Library OS Processor Check PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6401 Oct. 28, 2021, 3 p.m. Oct. 28, 2021, 3:02 p.m.
Size 89.5KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 ff3fffe53dee30a1c24bf86d419bd4ac
SHA256 25d79c1a508700c16bfa42039870d590bb3281c271ed02db20899c87259c657f
CRC32 00246C00
ssdeep 1536:4ZxrW2eq7mQeNzn26jO0+7I+LeScuT1Gd5anG7IW1V7hYxamr+s8jcdMTWgM/D:4bEZQC26S0+7NeSrTcTanGEWLh477MT8
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file

IP Address Status Action
104.21.85.99 Active Moloch
164.124.101.2 Active Moloch
23.206.175.43 Active Moloch

Suricata Alerts

Flow SID Signature Category
TCP 192.168.56.101:49204 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49219 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49205 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49220 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49207 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49223 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49229 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49200 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49234 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49236 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49237 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49218 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49238 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49240 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49242 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49227 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49232 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49233 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49241 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49214 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49245 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49222 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49247 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49224 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49208 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49231 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49244 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49209 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49251 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49256 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49255 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49217 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49210 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49211 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49225 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49213 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49228 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49212 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49239 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49230 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49253 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49235 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49254 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49246 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49215 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49249 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49252 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49216 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49257 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49258 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49266 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49269 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49221 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49271 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49275 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49226 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49261 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49262 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49277 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49278 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49276 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49285 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49303 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49306 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49312 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49263 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49265 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49283 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49248 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49286 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49288 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49250 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49289 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49292 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49295 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49264 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49299 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49270 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49272 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49243 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49273 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49260 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49274 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49279 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49284 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49294 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49297 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49298 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49300 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49302 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49280 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49287 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49259 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49267 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49268 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49293 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49296 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49301 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49281 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49282 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49290 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49291 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49304 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49305 -> 104.21.85.99:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined

Suricata TLS

Flow Issuer Subject Fingerprint
TLSv1
192.168.56.101:49204
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49219
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49205
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49220
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49207
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49223
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49229
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49234
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49200
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49236
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49237
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49218
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49238
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49240
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49242
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49227
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49232
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49233
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49241
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49214
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49245
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49222
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49247
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49224
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49208
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49231
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49244
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49209
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49251
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49256
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49255
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49217
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49210
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49211
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49225
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49213
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49228
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49212
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49239
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49230
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49253
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49235
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49254
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49246
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49215
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49249
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49252
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49216
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49257
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49258
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49266
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49269
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49221
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49271
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49275
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49226
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49261
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49262
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49277
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49278
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49276
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49285
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49303
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49306
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49312
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49263
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49265
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49283
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49248
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49286
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49288
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49250
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49289
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49292
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49295
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49264
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49299
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49270
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49272
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49243
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49273
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49260
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49274
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49279
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49284
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49294
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49297
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49298
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49300
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49302
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49280
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49287
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49259
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49267
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49268
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49293
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49296
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49301
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49281
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49282
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49290
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49291
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49304
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.101:49305
104.21.85.99:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
section .gfids
request GET http://apps.identrust.com/roots/dstrootcax3.p7c
Time & API Arguments Status Return Repeated

GetAdaptersAddresses

flags: 15
family: 0
111 0
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.47252368
FireEye Trojan.GenericKD.47252368
ALYac Trojan.GenericKD.47252368
Cylance Unsafe
Sangfor Backdoor.MSIL.Mokes.bg
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Backdoor:MSIL/Mokes.10565ce5
K7GW Riskware ( 0040eff71 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent_AGen.E
APEX Malicious
Paloalto generic.ml
Kaspersky Backdoor.MSIL.Mokes.bg
BitDefender Trojan.GenericKD.47252368
Avast Win32:MalwareX-gen [Trj]
Ad-Aware Trojan.GenericKD.47252368
Emsisoft Trojan.GenericKD.47252368 (B)
McAfee-GW-Edition Artemis!Trojan
Sophos Mal/Generic-S
Ikarus Trojan-Downloader.Win32.Agent
Jiangmin Backdoor.MSIL.fedo
Avira TR/Redcap.vblhk
Kingsoft Win32.Hack.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.vb
Microsoft Trojan:Win32/Sabsik.FL.A!ml
GData Trojan.GenericKD.47252368
Cynet Malicious (score: 100)
McAfee GenericRXAA-FA!FF3FFFE53DEE
MAX malware (ai score=87)
VBA32 BScope.Trojan.Injector
Malwarebytes Spyware.PasswordStealer
Yandex Backdoor.Mokes!zf/PrUqdk28
Fortinet PossibleThreat.MU
Webroot W32.Trojan.Gen
AVG Win32:MalwareX-gen [Trj]
Panda Trj/GdSda.A