Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 8, 2024, 4:58 p.m. | July 8, 2024, 5 p.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid |
ESET-NOD32 | HTML/TrojanDropper.Agent.R |
Rising | Trojan.MouseJack/HTML!1.BE26 (CLASSIC) |
AhnLab-V3 | Dropper/HTML.Generic.S2418 |
Fortinet | JS/Kimsuky.GOSU!tr |
description | (no description) | rule | DebuggerCheck__GlobalFlags | ||||||
description | (no description) | rule | DebuggerCheck__QueryInfo | ||||||
description | (no description) | rule | DebuggerHiding__Thread | ||||||
description | (no description) | rule | DebuggerHiding__Active | ||||||
description | (no description) | rule | ThreadControl__Context | ||||||
description | (no description) | rule | SEH__vectored | ||||||
description | Checks if being debugged | rule | anti_dbg | ||||||
description | Bypass DEP | rule | disable_dep |