Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Jan. 17, 2024, 8:05 a.m. | Jan. 17, 2024, 8:09 a.m. |
-
rty45.exe "C:\Users\test22\AppData\Local\Temp\rty45.exe"
632
Name | Response | Post-Analysis Lookup |
---|---|---|
apps.identrust.com |
CNAME
a1952.dscq.akamai.net
CNAME
identrust.edgesuite.net
|
23.67.53.27 |
i.alie3ksgaa.com | 154.92.15.189 |
Suricata Alerts
Suricata TLS
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid |
pdb_path | shrpubw.pdb |
resource name | MUI |
request | GET http://apps.identrust.com/roots/dstrootcax3.p7c |
host | 173.44.176.41 |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F81F111D0E5AB58D396F7BF525577FD30FDC95AA\Blob |
Bkav | W64.AIDetectMalware |
Lionic | Trojan.Win32.Fabookie.4!c |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 99) |
Skyhigh | BehavesLike.Win64.Dropper.fm |
Cylance | unsafe |
VIPRE | Trojan.GenericKD.71231399 |
BitDefender | Trojan.GenericKD.71231399 |
Arcabit | Trojan.Generic.D43EE7A7 |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Generik.CNEHUXM |
APEX | Malicious |
McAfee | Artemis!02550318E655 |
Avast | Win64:Malware-gen |
Kaspersky | Trojan.Win32.Fabookie.bwk |
Alibaba | Trojan:Win64/Swrort.721da705 |
MicroWorld-eScan | Trojan.GenericKD.71231399 |
Rising | Trojan.Generic!8.C3 (CLOUD) |
Emsisoft | Trojan.GenericKD.71231399 (B) |
F-Secure | Trojan.TR/AD.Swrort.roaxf |
DrWeb | Trojan.DownLoader46.47727 |
TrendMicro | Trojan.Win64.PRIVATELOADER.YXEAOZ |
Sophos | Mal/Generic-S |
Ikarus | Trojan.SuspectCRC |
Webroot | W32.Fabookie |
Detected | |
Avira | TR/AD.Swrort.roaxf |
Kingsoft | Win32.Trojan.Fabookie.bwk |
Gridinsoft | Ransom.Win64.Wacatac.cl |
Microsoft | Trojan:Win64/PrivateLoader.RPZ!MTB |
ZoneAlarm | Trojan.Win32.Fabookie.bwk |
GData | Trojan.GenericKD.71231399 |
Varist | W64/ABRisk.JWBC-4891 |
AhnLab-V3 | Trojan/Win.Generic.R631490 |
DeepInstinct | MALICIOUS |
Malwarebytes | Trojan.Fabookie |
TrendMicro-HouseCall | Trojan.Win64.PRIVATELOADER.YXEAOZ |
Tencent | Win32.Trojan.Fabookie.Xylw |
Fortinet | W32/PossibleThreat |
AVG | Win64:Malware-gen |
CrowdStrike | win/malicious_confidence_100% (W) |