Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | July 12, 2023, 7:44 a.m. | July 12, 2023, 7:47 a.m. |
-
cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "bdjqFXXnkNKAoId" C:\Users\test22\AppData\Local\Temp\20AC0B78.Png
2052
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Lionic | Trojan.Win32.Agentb.4!c |
MicroWorld-eScan | Trojan.GenericKD.47824262 |
ClamAV | Win.Trojan.Bulz-9863763-0 |
FireEye | Trojan.GenericKD.47824262 |
CAT-QuickHeal | Trojan.Agentb |
McAfee | GenericRXAA-AA!4B49C57CBEFA |
Zillya | Trojan.Convagent.Win32.3606 |
Sangfor | Suspicious.Win32.Save.a |
K7AntiVirus | Riskware ( 0040eff71 ) |
K7GW | Riskware ( 00584baa1 ) |
Cyren | W32/Trojan.HYF.gen!Eldorado |
Symantec | Trojan.Gen.MBT |
ESET-NOD32 | multiple detections |
TrendMicro-HouseCall | TROJ_GEN.R002H06BC22 |
Avast | Win32:DirtyMoe-AA [Bot] |
Cynet | Malicious (score: 99) |
Kaspersky | Trojan.Win32.Agentb.kkyd |
BitDefender | Trojan.GenericKD.47824262 |
Rising | Trojan.PurpleFox/MSI!1.D10D (CLASSIC) |
Sophos | Generic Reputation PUA (PUA) |
F-Secure | Trojan.TR/Black.Gen2 |
DrWeb | Trojan.Packed2.43111 |
VIPRE | Trojan.GenericKD.47824262 |
TrendMicro | Trojan.VBS.FUPORFLEX.SMYEBDR |
McAfee-GW-Edition | RDN/Generic.grp |
Emsisoft | Trojan.GenericKD.47824262 (B) |
Ikarus | Trojan.Win32.VMProtect |
Avira | TR/VB.Agent.ojena |
MAX | malware (ai score=88) |
Antiy-AVL | Trojan/Win32.Generic |
Microsoft | Trojan:Win32/Tiggre!rfn |
Gridinsoft | Malware.Win32.GenericMC.cc |
Xcitium | Malware@#rpgmzhl7y5ey |
Arcabit | Trojan.Generic.D2D9BD86 [many] |
ZoneAlarm | Trojan.Win32.Agentb.kkyd |
GData | Script.Trojan.PurpleFox.D |
Detected | |
AhnLab-V3 | Dropper/MSI.Purplefox |
BitDefenderTheta | Gen:NN.ZedlaF.36212.rG4@aWpFvhd |
ALYac | Trojan.GenericKD.64452096 |
VBA32 | BScope.Trojan.Agentb |
Tencent | Trojan.Win32.Agentb.wye |
MaxSecure | Trojan.Malware.121218.susgen |
Fortinet | W32/PossibleThreat |
AVG | Win32:DirtyMoe-AA [Bot] |