Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Dec. 14, 2023, 6:52 p.m. | Dec. 14, 2023, 7:05 p.m. |
Process | Command line | PID |
---|---|---|
upsync.exe | "C:\Users\test22\AppData\Local\Temp\upsync.exe" | 516 |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. | | |
IP Address | Status | Action |
---|---|---|
66.228.60.47 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.103:49161 66.228.60.47:443 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | bb:9a:7f:1c:3f:0d:23:07:8e:c9:10:9f:2e:a1:af:cd:a4:86:b4:ea |
TLSv1 192.168.56.103:49164 66.228.60.47:443 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | bb:9a:7f:1c:3f:0d:23:07:8e:c9:10:9f:2e:a1:af:cd:a4:86:b4:ea |
TLSv1 192.168.56.103:49165 66.228.60.47:443 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | bb:9a:7f:1c:3f:0d:23:07:8e:c9:10:9f:2e:a1:af:cd:a4:86:b4:ea |
TLSv1 192.168.56.103:49166 66.228.60.47:443 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | C=US, ST=Florida, L=Tampa, unknown=, unknown=4652, O=LLC, CN=66.228.60.47 | bb:9a:7f:1c:3f:0d:23:07:8e:c9:10:9f:2e:a1:af:cd:a4:86:b4:ea |
Indicator type | Value |
---|---|
host | 66.228.60.47 |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F81F111D0E5AB58D396F7BF525577FD30FDC95AA\Blob |
Engine | Detection |
---|---|
Bkav | W64.AIDetectMalware |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 100) |
Skyhigh | BehavesLike.Win64.Generic.cm |
ALYac | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
Cylance | unsafe |
VIPRE | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
Sangfor | Backdoor.Win64.Havoc.V5ub |
BitDefender | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
Arcabit | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Win64/Havoc_AGen.E |
APEX | Malicious |
McAfee | Agent-FYC!A5B4A2004037 |
Avast | Win64:Evo-gen [Trj] |
Kaspersky | HEUR:Backdoor.Win64.C2.h |
Alibaba | Backdoor:Win64/Havokiz.c76017b6 |
MicroWorld-eScan | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
Rising | Backdoor.Havoc!8.970A (TFE:4:Muj2LsPTQQM) |
Emsisoft | Generic.Trojan.Havokiz.Marte.D.28F89B35 (B) |
F-Secure | Heuristic.HEUR/AGEN.1368308 |
FireEye | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
Sophos | ATK/Havoc-G |
Jiangmin | Backdoor.C2.d |
Avira | HEUR/AGEN.1368308 |
MAX | malware (ai score=82) |
Antiy-AVL | Trojan/Win64.Havoc |
Microsoft | Trojan:Win64/Havokiz.DX!MTB |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
GData | Generic.Trojan.Havokiz.Marte.D.28F89B35 |
DeepInstinct | MALICIOUS |
Malwarebytes | Generic.Malware/Suspicious |
Tencent | Win64.Backdoor.C2.Lqil |
SentinelOne | Static AI - Malicious PE |
AVG | Win64:Evo-gen [Trj] |
CrowdStrike | win/malicious_confidence_70% (W) |