Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Dec. 14, 2023, 6:49 p.m. | Dec. 14, 2023, 7:14 p.m. |
agent.exe "C:\Users\test22\AppData\Local\Temp\agent.exe"
2572
Name | Response | Post-Analysis Lookup |
---|---|---|
cs.lvsehacker.com | 104.21.59.67 |
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.101:49165 172.67.217.152:2053 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=lvsehacker.com | 1b:94:94:77:08:15:73:c1:3c:5a:03:63:d6:04:b5:8d:7b:6b:36:dd |
TLSv1 192.168.56.101:49167 172.67.217.152:2053 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=lvsehacker.com | 1b:94:94:77:08:15:73:c1:3c:5a:03:63:d6:04:b5:8d:7b:6b:36:dd |
TLSv1 192.168.56.101:49168 172.67.217.152:2053 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=lvsehacker.com | 1b:94:94:77:08:15:73:c1:3c:5a:03:63:d6:04:b5:8d:7b:6b:36:dd |
TLSv1 192.168.56.101:49166 172.67.217.152:2053 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=lvsehacker.com | 1b:94:94:77:08:15:73:c1:3c:5a:03:63:d6:04:b5:8d:7b:6b:36:dd |
TLSv1 192.168.56.101:49163 172.67.217.152:2053 | C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 | CN=lvsehacker.com | 1b:94:94:77:08:15:73:c1:3c:5a:03:63:d6:04:b5:8d:7b:6b:36:dd |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid |
section | _RDATA |
Bkav | W64.AIDetectMalware |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 100) |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
Avast | FileRepMalware [Drp] |
Kaspersky | UDS:DangerousObject.Multi.Generic |
Alibaba | VirTool:Win64/CobaltStrike.411d03a7 |
Kingsoft | Win32.Trojan.Cobalt.a |
Microsoft | VirTool:Win32/CobaltStrike.F |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
DeepInstinct | MALICIOUS |
MaxSecure | Trojan.Malware.300983.susgen |
AVG | FileRepMalware [Drp] |
CrowdStrike | win/malicious_confidence_100% (W) |