Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Nov. 12, 2023, 2:36 p.m. | Nov. 12, 2023, 2:44 p.m. |
ACR.exe "C:\Users\test22\AppData\Local\Temp\ACR.exe"
2552
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
45.61.136.124 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
suspicious_features | POST method with no referer header, Connection to IP address | suspicious_request | POST http://45.61.136.124/Up |
suspicious_features | POST method with no referer header, Connection to IP address | suspicious_request | POST http://45.61.136.124/Up/b |
request | POST http://45.61.136.124/Up |
request | POST http://45.61.136.124/Up/b |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Web Data |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Local State |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Login Data |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Cookies |
file | C:\Users\test22\AppData\Local\Google\Chrome\User Data |
file | C:\Users\test22\AppData\Local\Chromium\User Data |
file | C:\Users\test22\AppData\Local\MapleStudio\ChromePlus\User Data |
file | C:\Users\test22\AppData\Local\Nichrome\User Data |
host | 45.61.136.124 |
file | C:\Users\test22\AppData\Roaming\Bitcoin\wallets |
file | C:\Users\test22\AppData\Roaming\Electrum\wallets |
file | C:\Users\test22\AppData\Roaming\GHISLER\wcx_ftp.ini |
file | C:\Users\test22\AppData\Roaming\FileZilla\filezilla.xml |
file | C:\Users\test22\AppData\Roaming\.purple\accounts.xml |
file | C:\Users\test22\AppData\Roaming\Exodus\exodus.wallet |