Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | June 17, 2024, 10:21 a.m. | June 17, 2024, 10:23 a.m. |
-
-
cmd.exe cmd.exe /c "reg add \"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\" /v WinUpdate /t REG_SZ /d \"C:\Users\test22\AppData\Local\Temp\b.exe\""
2772-
reg.exe reg add \"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\" /v WinUpdate /t REG_SZ /d \"C:\Users\test22\AppData\Local\Temp\b.exe\"
2852
-
-
Name | Response | Post-Analysis Lookup |
---|---|---|
comprobacion-aerolineas.com | 94.156.67.86 |
Suricata Alerts
Suricata TLS
No Suricata TLS
section | .symtab |
cmdline | cmd.exe /c "reg add \"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\" /v WinUpdate /t REG_SZ /d \"C:\Users\test22\AppData\Local\Temp\b.exe\"" |
cmdline | cmd.exe /c "reg add \"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\" /v WinUpdate /t REG_SZ /d \"C:\Users\test22\AppData\Local\Temp\b.exe\"" |
cmdline | reg add \"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\" /v WinUpdate /t REG_SZ /d \"C:\Users\test22\AppData\Local\Temp\b.exe\" |
Bkav | W32.AIDetectMalware |
Lionic | Trojan.Win32.Convagent.a!c |
Elastic | malicious (moderate confidence) |
Cynet | Malicious (score: 99) |
Skyhigh | BehavesLike.Win32.Trojan.rh |
Cylance | Unsafe |
Sangfor | Trojan.Win32.Agent.Vzab |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of WinGo/Agent.SC |
APEX | Malicious |
Avast | Win32:Malware-gen |
Kaspersky | Trojan-Downloader.Win32.Gomal.aex |
Rising | Trojan.Generic@AI.86 (RDML:y3xovI/YB4mn4C9dvZIYtQ) |
F-Secure | Trojan.TR/Crypt.XPACK.Gen |
McAfeeD | ti!C86218367D0C |
FireEye | Generic.mg.ccd45a73d555f6a8 |
Sophos | Mal/Generic-S |
Ikarus | Win32.Outbreak |
Detected | |
Avira | TR/Crypt.XPACK.Gen |
Kingsoft | Win32.Trojan-Downloader.Gomal.aex |
Gridinsoft | Ransom.Win32.Sabsik.sa |
Microsoft | Trojan:Win32/Casdet!rfn |
ViRobot | Trojan.Win.Z.Agent.4402176.A |
ZoneAlarm | Trojan-Downloader.Win32.Gomal.aex |
GData | Win32.Trojan.Agent.6WPJIH |
Varist | W32/ABRisk.SYPB-6483 |
AhnLab-V3 | Trojan/Win.CobaltStrike.C4705188 |
BitDefenderTheta | AI:Packer.A94DE9E621 |
DeepInstinct | MALICIOUS |
VBA32 | BScope.Trojan.Win64.Agent |
Malwarebytes | Malware.AI.4085937375 |
SentinelOne | Static AI - Malicious PE |
MaxSecure | Trojan.Malware.256267328.susgen |
Fortinet | W32/Agent.SC!tr |
AVG | Win32:Malware-gen |
Paloalto | generic.ml |
CrowdStrike | win/malicious_confidence_70% (D) |
alibabacloud | Trojan:Multi/XPACK.Gyf |