Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Jan. 17, 2024, 8:05 a.m. | Jan. 17, 2024, 8:14 a.m. |
-
rty27.exe "C:\Users\test22\AppData\Local\Temp\rty27.exe"
524
Name | Response | Post-Analysis Lookup |
---|---|---|
apps.identrust.com |
CNAME
a1952.dscq.akamai.net
CNAME
identrust.edgesuite.net
|
23.67.53.27 |
i.alie3ksgaa.com | 154.92.15.189 |
Suricata Alerts
Suricata TLS
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid |
pdb_path | shrpubw.pdb |
resource name | MUI |
request | GET http://apps.identrust.com/roots/dstrootcax3.p7c |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F81F111D0E5AB58D396F7BF525577FD30FDC95AA\Blob |
Bkav | W64.AIDetectMalware |
Lionic | Trojan.Win32.Fabookie.4!c |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 99) |
Skyhigh | BehavesLike.Win64.Dropper.fm |
Cylance | unsafe |
BitDefender | Trojan.GenericKD.71236651 |
Arcabit | Trojan.Generic.D43EFC2B |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Win64/GenKryptik.GSSS |
APEX | Malicious |
McAfee | Artemis!34A7DBF9C978 |
Avast | Win64:Malware-gen |
Kaspersky | Trojan.Win32.Fabookie.bwk |
MicroWorld-eScan | Trojan.GenericKD.71236651 |
Rising | Trojan.Fabookie!8.11C3D (CLOUD) |
Emsisoft | Trojan.GenericKD.71236651 (B) |
F-Secure | Trojan.TR/AD.Swrort.wzhtj |
DrWeb | Trojan.DownLoader46.47727 |
Sophos | Mal/Generic-S |
Webroot | W32.Fabookie |
Detected | |
Avira | TR/AD.Swrort.wzhtj |
Kingsoft | Win32.Trojan.Fabookie.bwk |
Gridinsoft | Ransom.Win64.Wacatac.cl |
Microsoft | Trojan:Win64/PrivateLoader.RPZ!MTB |
ZoneAlarm | Trojan.Win32.Fabookie.bwk |
GData | Win64.Trojan.Agent.GGD75K |
Varist | W64/ABRisk.KAFK-4891 |
AhnLab-V3 | Trojan/Win.Generic.R631490 |
DeepInstinct | MALICIOUS |
Malwarebytes | Trojan.Fabookie |
Fortinet | W32/PossibleThreat |
AVG | Win64:Malware-gen |
CrowdStrike | win/malicious_confidence_60% (W) |