Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | June 19, 2024, 9:54 a.m. | June 19, 2024, 9:57 a.m. |
Process | Command line | PID |
---|---|---|
blob.exe | "C:\Users\test22\AppData\Local\Temp\1000001001\blob.exe" | 2300 |
explorer.exe | C:\Windows\Explorer.EXE | 1236 |
Name | Response | Post-Analysis Lookup |
---|---|---|
pool.hashvault.pro | 142.202.242.43 | |
o7labs.top | 91.92.240.234 | |
Suricata Alerts
Suricata TLS
No Suricata TLS
suspicious_features | suspicious_request |
---|---|
POST method with no referer header, POST method with no useragent header | POST http://o7labs.top/visual/skins/index.php |
POST method with no referer header, POST method with no useragent header | POST http://o7labs.top/visual/skins/index.php?scr=1 |
GET method with no useragent header | GET http://o7labs.top/visual/blob.exe |
GET method with no useragent header | GET http://o7labs.top/visual/build.exe |
request |
---|
POST http://o7labs.top/visual/skins/index.php |
POST http://o7labs.top/visual/skins/index.php?scr=1 |
GET http://o7labs.top/visual/blob.exe |
GET http://o7labs.top/visual/build.exe |
POST http://o7labs.top/visual/skins/index.php |
POST http://o7labs.top/visual/skins/index.php?scr=1 |
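The rows above come from the sandbox's "suspicious_request" heuristic: a POST with no Referer or no User-Agent header, or a GET with no User-Agent, is flagged because a browser would always send those. The Python below reproduces that check over raw HTTP requests and adds an executable-download heuristic. It is an added example, not code from the sandbox or from this report; the sample requests are constructed to mirror the report's URLs (their header and body values are invented), and the `.exe` download flag is an assumption, not one of the report's signatures.

```python
"""Flag HTTP requests that lack the headers a browser would send.

Added example reproducing the report's 'suspicious_request' rules:
  - POST with no Referer header
  - POST with no User-Agent header
  - GET with no User-Agent header
plus an assumed extra rule for bare GETs of .exe files.
The sample requests are constructed, not captured traffic.
"""
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class ParsedRequest:
    method: str
    url: str
    headers: dict = field(default_factory=dict)  # header names lower-cased


def parse_raw_request(raw: str) -> ParsedRequest:
    """Parse a raw HTTP/1.x request (request line + headers) into method, URL and headers."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # Rebuild the absolute URL as a proxy log would print it; assumes plain HTTP,
    # which is all the report shows for o7labs.top.
    url = target if target.startswith("http") else f"http://{headers.get('host', '')}{target}"
    return ParsedRequest(method.upper(), url, headers)


def suspicious_features(req: ParsedRequest) -> list[str]:
    """Return the same feature strings the report uses, in the report's order."""
    feats = []
    if req.method == "POST" and "referer" not in req.headers:
        feats.append("POST method with no referer header")
    if "user-agent" not in req.headers:
        feats.append(f"{req.method} method with no useragent header")
    return feats


def is_executable_download(req: ParsedRequest) -> bool:
    """Assumed extra heuristic (not a report signature): a GET whose path ends in .exe."""
    return req.method == "GET" and urlsplit(req.url).path.lower().endswith(".exe")


def scan(raw_requests):
    """Return (request line, features, exe_download) for every request worth reporting."""
    hits = []
    for raw in raw_requests:
        req = parse_raw_request(raw)
        feats = suspicious_features(req)
        exe = is_executable_download(req)
        if feats or exe:
            hits.append((f"{req.method} {req.url}", feats, exe))
    return hits


# Constructed sample traffic mirroring the report's request table (not a real capture).
SAMPLE_REQUESTS = [
    "POST /visual/skins/index.php HTTP/1.1\r\nHost: o7labs.top\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 11\r\n\r\nid=123&vs=1",
    "POST /visual/skins/index.php?scr=1 HTTP/1.1\r\nHost: o7labs.top\r\nContent-Length: 0\r\n\r\n",
    "GET /visual/blob.exe HTTP/1.1\r\nHost: o7labs.top\r\n\r\n",
    "GET /visual/build.exe HTTP/1.1\r\nHost: o7labs.top\r\n\r\n",
    # Browser-shaped request: must produce no hit.
    "GET /index.html HTTP/1.1\r\nHost: example.org\r\nUser-Agent: Mozilla/5.0\r\n"
    "Referer: http://example.org/\r\n\r\n",
]

if __name__ == "__main__":
    for line, feats, exe in scan(SAMPLE_REQUESTS):
        print(line, "|", ", ".join(feats), "| exe download" if exe else "")
```

A missing User-Agent or Referer is also normal for many non-browser clients (updaters, scripts, monitoring agents), so the feature is a correlation signal, not an alert on its own; here it lines up with a check-in POST followed by two .exe downloads from the same host, which is what makes it worth acting on. Separately, pool.hashvault.pro in the DNS table is a public Monero mining pool (HashVault), but the report's Suricata sections show nothing that confirms pool traffic, so treat that resolution as a lead to correlate rather than proof of mining.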
domain | description |
---|---|
o7labs.top | Generic top level domain TLD |

description |
---|
Hkbsse.exe tried to sleep 122 seconds, actually delayed analysis time by 122 seconds |

file |
---|
C:\Users\test22\AppData\Local\Temp\1000001001\blob.exe |
C:\Users\test22\AppData\Local\Temp\1000003001\build.exe |
C:\Users\test22\AppData\Local\Temp\5641a448ac\Hkbsse.exe |