Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | June 21, 2024, 9:45 a.m. | June 21, 2024, 9:47 a.m. |
Process | Command line | PID |
---|---|---|
ipconfig.exe | ipconfig | 2328 |
WezoEventUP.exe | C:\Users\test22\AppData\Local\Temp\WezoEventUP.exe | 2412 |
7z.exe | C:\Users\test22\AppData\Local\Temp\7z.exe x -y D:\verysync-windows-amd64-v2.15.0.zip -od:\ | 2628 |
DelHosts.exe | C:\Users\test22\AppData\Local\Temp\DelHosts.exe | 2764 |
wzoptup.exe | C:\Users\test22\AppData\Local\Temp\wzoptup.exe | 2856 |
storyhosts.exe | C:\Users\test22\AppData\Local\Temp\storyhosts.exe | 2944 |
sysup.exe | C:\Users\test22\AppData\Local\Temp\sysup.exe | 3028 |
dbzclientUpdate.exe | C:\Users\test22\AppData\Local\Temp\dbzclientUpdate.exe | 2148 |
wzoptBmp.exe | C:\Users\test22\AppData\Local\Temp\wzoptBmp.exe | 2332 |
changezuhaolnk.exe | C:\Users\test22\AppData\Local\Temp\changezuhaolnk.exe | 2852 |
Name | Response | Post-Analysis Lookup |
---|---|---|
dl-cn.verysync.com | 104.21.52.166 | |
wieie.cn | 58.23.215.23 | |
Suricata Alerts
Suricata TLS
No Suricata TLS
packer | UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser |
request | GET http://dl-cn.verysync.com/releases/v2.15.0/verysync-windows-amd64-v2.15.0.zip |
request | GET http://dl-cn.verysync.com/releases/ |
file | C:\Users\test22\AppData\Local\Temp\storyhosts.exe |
file | C:\Users\test22\AppData\Local\Temp\7z.exe |
file | C:\Users\test22\AppData\Local\Temp\DownVerySync.exe |
file | C:\Users\test22\AppData\Local\Temp\changezuhaolnk.exe |
file | C:\Users\test22\AppData\Local\Temp\dbzclientUpdate.exe |
file | C:\Users\test22\AppData\Local\Temp\WezoEventUP.exe |
file | C:\Users\test22\AppData\Local\Temp\7z.dll |
file | C:\Users\test22\AppData\Local\Temp\wzoptup.exe |
file | C:\Users\test22\AppData\Local\Temp\DelHosts.exe |
file | C:\Users\test22\AppData\Local\Temp\sysup.exe |
file | C:\Users\test22\AppData\Local\Temp\wzoptBmp.exe |
file | C:\Users\test22\AppData\Local\Temp\arpwriteIni.exe |
cmdline | C:\Windows\system32\cmd.exe /c ipconfig |
file | C:\Users\test22\AppData\Local\Temp\wzoptup.exe |
file | C:\Users\test22\AppData\Local\Temp\arpwriteIni.exe |
file | C:\Users\test22\AppData\Local\Temp\7z.dll |
file | C:\Users\test22\AppData\Local\Temp\storyhosts.exe |
file | C:\Users\test22\AppData\Local\Temp\sysup.exe |
file | C:\Users\test22\AppData\Local\Temp\7z.exe |
file | C:\Users\test22\AppData\Local\Temp\WezoEventUP.exe |
file | C:\Users\test22\AppData\Local\Temp\dbzclientUpdate.exe |
file | C:\Users\test22\AppData\Local\Temp\wzoptBmp.exe |
file | C:\Users\test22\AppData\Local\Temp\DelHosts.exe |