Summary | ZeroBOX

c54893932feb406033f276e4e924ea33.exe

UPX Malicious Library OS Processor Check PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6402 Oct. 28, 2021, 5:30 p.m. Oct. 28, 2021, 5:33 p.m.
Size 89.5KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 ff3fffe53dee30a1c24bf86d419bd4ac
SHA256 25d79c1a508700c16bfa42039870d590bb3281c271ed02db20899c87259c657f
CRC32 00246C00
ssdeep 1536:4ZxrW2eq7mQeNzn26jO0+7I+LeScuT1Gd5anG7IW1V7hYxamr+s8jcdMTWgM/D:4bEZQC26S0+7NeSrTcTanGEWLh477MT8
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file

IP Address Status Action
164.124.101.2 Active Moloch
172.67.204.112 Active Moloch
61.111.58.34 Active Moloch

Suricata Alerts

Flow SID Signature Category
TCP 192.168.56.102:49175 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49179 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49182 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49184 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49180 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49192 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49181 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49194 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49195 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49191 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49197 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49178 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49196 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49193 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49226 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49201 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49199 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49229 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49207 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49206 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49237 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49208 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49242 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49183 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49209 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49247 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49185 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49213 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49248 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49186 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49214 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49250 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49188 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49216 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49187 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49260 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49210 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49218 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49268 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49234 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49223 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49238 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49270 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49189 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49233 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49276 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49190 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49235 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49277 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49200 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49249 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49203 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49256 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49204 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49211 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49219 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49239 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49221 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49198 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49240 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49202 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49222 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49205 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49241 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49227 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49212 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49251 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49231 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49215 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49252 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49232 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49224 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49254 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49236 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49258 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49225 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49246 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49259 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49228 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49262 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49273 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49253 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49265 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49274 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49261 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49266 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49217 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49278 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49272 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49267 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49280 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49279 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49269 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49271 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49220 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49275 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49230 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49243 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49244 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49245 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49255 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49257 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49263 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.102:49264 -> 172.67.204.112:443 906200056 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined

Suricata TLS

Flow Issuer Subject Fingerprint
TLSv1
192.168.56.102:49175
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49179
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49182
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49180
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49184
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49192
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49181
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49194
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49195
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49191
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49197
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49178
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49196
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49193
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49226
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49201
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49199
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49229
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49207
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49206
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49237
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49208
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49242
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49183
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49209
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49247
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49185
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49213
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49248
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49186
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49214
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49250
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49188
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49216
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49187
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49260
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49210
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49218
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49268
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49234
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49223
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49270
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49189
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49238
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49233
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49276
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49190
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49235
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49277
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49200
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49249
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49203
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49256
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49204
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49211
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49219
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49239
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49221
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49198
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49240
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49202
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49222
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49205
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49241
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49227
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49212
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49251
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49231
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49215
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49252
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49232
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49254
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49224
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49236
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49258
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49225
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49246
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49259
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49228
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49262
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49273
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49253
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49265
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49274
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49261
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49266
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49278
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49272
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49217
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49267
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49280
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49279
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49269
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49271
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49220
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49275
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49230
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49243
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49244
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49245
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49255
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49257
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49263
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1
TLSv1
192.168.56.102:49264
172.67.204.112:443
C=US, O=Let's Encrypt, CN=R3 CN=*.gogamec.com ee:4c:93:4c:ed:a7:33:d6:e8:4b:a4:7f:af:73:91:a4:cf:9b:23:b1

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
section .gfids
request GET http://apps.identrust.com/roots/dstrootcax3.p7c
Time & API Arguments Status Return Repeated

GetAdaptersAddresses

flags: 15
family: 0
111 0
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.47252368
FireEye Trojan.GenericKD.47252368
ALYac Trojan.GenericKD.47252368
Cylance Unsafe
Sangfor Backdoor.MSIL.Mokes.bg
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Backdoor:MSIL/Mokes.10565ce5
K7GW Riskware ( 0040eff71 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent_AGen.E
APEX Malicious
Paloalto generic.ml
Kaspersky Backdoor.MSIL.Mokes.bg
BitDefender Trojan.GenericKD.47252368
Avast Win32:MalwareX-gen [Trj]
Ad-Aware Trojan.GenericKD.47252368
Emsisoft Trojan.GenericKD.47252368 (B)
McAfee-GW-Edition Artemis!Trojan
Sophos Mal/Generic-S
Ikarus Trojan-Downloader.Win32.Agent
Jiangmin Backdoor.MSIL.fedo
Avira TR/Redcap.vblhk
Kingsoft Win32.Hack.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.vb
Microsoft Trojan:Win32/Sabsik.FL.A!ml
GData Trojan.GenericKD.47252368
Cynet Malicious (score: 100)
McAfee GenericRXAA-FA!FF3FFFE53DEE
MAX malware (ai score=87)
VBA32 BScope.Trojan.Injector
Malwarebytes Spyware.PasswordStealer
Yandex Backdoor.Mokes!zf/PrUqdk28
Fortinet PossibleThreat.MU
Webroot W32.Trojan.Gen
AVG Win32:MalwareX-gen [Trj]
Panda Trj/GdSda.A