dot.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | June 8, 2023, 9:17 a.m. | June 8, 2023, 9:27 a.m. |
-
dot.exe "C:\Users\test22\AppData\Local\Temp\dot.exe"
2540
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 38.54.107.202 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| host | 38.54.107.202 | |||
| Lionic | Trojan.Win32.Havoc.4!c |
| MicroWorld-eScan | Trojan.GenericKD.67422927 |
| CAT-QuickHeal | Trojan.Havokiz |
| ALYac | Generic.Havokiz.A.59E3C5D8 |
| Malwarebytes | Generic.Malware.AI.DDS |
| Zillya | Trojan.Agent.Win64.23822 |
| Sangfor | Backdoor.Win64.Havoc.Vpc8 |
| K7AntiVirus | Trojan ( 005a14e01 ) |
| Alibaba | Backdoor:Win64/Havoc.767d41be |
| K7GW | Trojan ( 005a14e01 ) |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Arcabit | Generic.Havokiz.A.59E3C5D8 |
| Cyren | W64/Ulise.EO.gen!Eldorado |
| Symantec | Backdoor.Havoc!g2 |
| Elastic | malicious (high confidence) |
| ESET-NOD32 | a variant of Win64/Havoc.A |
| Cynet | Malicious (score: 100) |
| APEX | Malicious |
| ClamAV | Win.Malware.Ulise-9987244-0 |
| Kaspersky | HEUR:Backdoor.Win64.Havoc.pef |
| BitDefender | Trojan.GenericKD.67422927 |
| Avast | Win64:Evo-gen [Trj] |
| Tencent | Malware.Win32.Gencirc.13c76b59 |
| Emsisoft | Generic.Havokiz.A.59E3C5D8 (B) |
| F-Secure | Heuristic.HEUR/AGEN.1329818 |
| VIPRE | Generic.Havokiz.A.59E3C5D8 |
| TrendMicro | Backdoor.Win64.HAVOC.SM |
| McAfee-GW-Edition | BehavesLike.Win64.Generic.km |
| FireEye | Trojan.GenericKD.67422927 |
| Sophos | ATK/Havoc-E |
| Avira | HEUR/AGEN.1329818 |
| Antiy-AVL | Trojan[Backdoor]/Win64.Havoc |
| Microsoft | VirTool:Win64/Havokiz.D!MTB |
| ZoneAlarm | HEUR:Backdoor.Win64.Havoc.pef |
| GData | Generic.Havokiz.A.59E3C5D8 |
| Detected | |
| AhnLab-V3 | Backdoor/Win.Havoc.C5403085 |
| McAfee | BackDoor-FESK!0A8EF8B03EA0 |
| MAX | malware (ai score=83) |
| VBA32 | Backdoor.Win64.Havoc |
| Cylance | unsafe |
| Panda | Trj/Chgt.AC |
| Rising | Trojan.Agent!8.B1E (TFE:4:TbG0Ij1RJIG) |
| Ikarus | Trojan.Win64.Agent |
| MaxSecure | Trojan.Malware.197099475.susgen |
| Fortinet | W64/Agent.BRS!tr |
| AVG | Win64:Evo-gen [Trj] |
| DeepInstinct | MALICIOUS |
| dead_host | 192.168.56.101:49161 |
| dead_host | 192.168.56.101:49171 |
| dead_host | 192.168.56.101:49192 |
| dead_host | 192.168.56.101:49202 |
| dead_host | 192.168.56.101:49175 |
| dead_host | 192.168.56.101:49196 |
| dead_host | 192.168.56.101:49176 |
| dead_host | 192.168.56.101:49180 |
| dead_host | 192.168.56.101:49203 |
| dead_host | 192.168.56.101:49188 |
| dead_host | 192.168.56.101:49166 |
| dead_host | 192.168.56.101:49168 |
| dead_host | 192.168.56.101:49197 |
| dead_host | 192.168.56.101:49177 |
| dead_host | 38.54.107.202:8082 |
| dead_host | 192.168.56.101:49172 |
| dead_host | 192.168.56.101:49185 |
| dead_host | 192.168.56.101:49163 |
| dead_host | 192.168.56.101:49181 |
| dead_host | 192.168.56.101:49194 |
| dead_host | 192.168.56.101:49189 |
| dead_host | 192.168.56.101:49167 |
| dead_host | 192.168.56.101:49169 |
| dead_host | 192.168.56.101:49198 |
| dead_host | 192.168.56.101:49200 |
| dead_host | 192.168.56.101:49178 |
| dead_host | 192.168.56.101:49173 |
| dead_host | 192.168.56.101:49186 |
| dead_host | 192.168.56.101:49204 |
| dead_host | 192.168.56.101:49182 |
| dead_host | 192.168.56.101:49195 |
| dead_host | 192.168.56.101:49190 |
| dead_host | 192.168.56.101:49170 |
| dead_host | 192.168.56.101:49199 |
| dead_host | 192.168.56.101:49201 |
| dead_host | 192.168.56.101:49179 |
| dead_host | 192.168.56.101:49164 |
| dead_host | 192.168.56.101:49174 |
| dead_host | 192.168.56.101:49183 |