Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | July 9, 2024, 10:07 a.m. | July 9, 2024, 10:09 a.m. |
Process | PID | Command line |
---|---|---|
install.exe | 2180 | install.exe "C:\Windows\TEMP\{F2500F20-1137-43DF-AF52-FD6592584886}\.cr\install.exe" -burn.clean.room="C:\Users\test22\AppData\Local\Temp\install.exe" -burn.filehandle.attached=208 -burn.filehandle.self=204 |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. | | |

IP Address | Status | Action |
---|---|---|
No hosts contacted. | | |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Static | Value |
---|---|
pdb_path | D:\a\wix\wix\build\burn\Release\x64\burn.pdb |
section | .didat |
section | .wixburn |
section | _RDATA |
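The section names in the static table come from the PE section table, and `.wixburn` is the section a WiX Burn bootstrapper uses to carry its bundle header, so its presence is a quick static tell that the file is a Burn bundle rather than a plain executable. The script below is an added example, not part of the sandbox report and not the sandbox's or WiX's own code: it parses a PE section table with the standard library, lists the section names, and flags a Burn bundle. The sample image it runs on is constructed inline (a headers-only PE32+ skeleton carrying the three section names from the report plus `.text`), so it runs offline; `triage_file` and `build_sample_pe` are helper names assumed here for illustration.

```python
"""Enumerate PE sections and flag WiX Burn bundles (added example, not sandbox code)."""
import struct
import sys

PE32PLUS_MAGIC = 0x20B
# A WiX Burn bootstrapper keeps its bundle header in a section named ".wixburn".
WIX_BURN_SECTION = ".wixburn"


def parse_sections(data: bytes) -> list[dict]:
    """Return the section table of a PE image as a list of dicts (headers only)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size  # section headers follow the optional header
    sections = []
    for i in range(nsec):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        (name, vsize, va, raw_size, raw_ptr, _, _, _, _, chars) = struct.unpack_from(
            "<8sIIIIIIHHI", data, off)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": va,
            "virtual_size": vsize,
            "raw_offset": raw_ptr,
            "raw_size": raw_size,
            "characteristics": chars,
        })
    return sections


def is_wix_burn_bundle(sections: list[dict]) -> bool:
    """True when the image carries the Burn bundle section."""
    return any(s["name"] == WIX_BURN_SECTION for s in sections)


def build_sample_pe(section_names: list[str]) -> bytes:
    """Construct a minimal PE32+ skeleton (DOS stub, PE headers, section table only).

    Constructed test input, not a real sample; raw data is not emitted, so the
    section raw pointers deliberately point past the end of the buffer.
    """
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt = bytearray(240)  # PE32+ optional header size
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_names), 0, 0, 0, len(opt), 0x22)
    headers = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    raw_base = len(headers) + 40 * len(section_names)
    table = b""
    for idx, name in enumerate(section_names):
        table += struct.pack(
            "<8sIIIIIIHHI", name.encode("ascii").ljust(8, b"\0"),
            0x1000, 0x1000 * (idx + 1), 0x200, raw_base + 0x200 * idx,
            0, 0, 0, 0, 0x40000040)  # INITIALIZED_DATA | MEM_READ
    return headers + table


def triage_file(path: str) -> dict:
    """Read a PE from disk and report its section names and the Burn flag."""
    with open(path, "rb") as fh:
        sections = parse_sections(fh.read())
    return {"sections": [s["name"] for s in sections],
            "wix_burn_bundle": is_wix_burn_bundle(sections)}


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(triage_file(sys.argv[1]))
    else:
        sample = build_sample_pe([".text", ".didat", ".wixburn", "_RDATA"])
        secs = parse_sections(sample)
        print([s["name"] for s in secs], is_wix_burn_bundle(secs))
```

Run it with a path to a sample to get the same section listing the report shows; with no argument it runs against the constructed skeleton. The parser reads only headers, so it is safe to point at an untrusted file, and the returned raw offsets and sizes are what you would use next to carve the `.wixburn` section or the attached containers out of a real bundle.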
Dropped file | Path |
---|---|
file | C:\Windows\Temp\{709910E0-149B-4C9A-9252-53B87F118B0F}\.ba\hardy.xlsx |
file | C:\Windows\Temp\{709910E0-149B-4C9A-9252-53B87F118B0F}\.ba\Ladysmantle.dll |
file | C:\Windows\Temp\{709910E0-149B-4C9A-9252-53B87F118B0F}\.ba\datastate.dll |
file | C:\Windows\Temp\{709910E0-149B-4C9A-9252-53B87F118B0F}\.ba\pdfium.dll |
file | C:\Windows\Temp\{F2500F20-1137-43DF-AF52-FD6592584886}\.cr\install.exe |
file | C:\Windows\Temp\{709910E0-149B-4C9A-9252-53B87F118B0F}\.ba\pdf2bmp.dll |
file | C:\Windows\Temp\{709910E0-149B-4C9A-9252-53B87F118B0F}\.ba\iTopDataRecovery.exe |
Engine | Detection |
---|---|
Bkav | W64.AIDetectMalware |
Lionic | Trojan.Win32.Generic.4!c |
Elastic | malicious (high confidence) |
Skyhigh | Artemis!Trojan |
ALYac | Gen:Variant.Midie.148833 |
Cylance | Unsafe |
VIPRE | Gen:Variant.Midie.148833 |
Sangfor | Downloader.Win64.Rugmi.Vq8y |
BitDefender | Gen:Variant.Midie.148833 |
Cybereason | malicious.0b667b |
Arcabit | Trojan.Midie.D24561 |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Win64/TrojanDownloader.Rugmi.BT.gen |
APEX | Malicious |
McAfee | Artemis!7524D560B667 |
Avast | Win64:Malware-gen |
Kaspersky | Trojan.Win32.Penguish.ccr |
Alibaba | TrojanDownloader:Win64/Rugmi.e08ed471 |
MicroWorld-eScan | Gen:Variant.Midie.148833 |
Emsisoft | Gen:Variant.Midie.148833 (B) |
F-Secure | Trojan.TR/AVI.Agent.zesgb |
DrWeb | Program.Unwanted.5405 |
Zillya | Trojan.Penguish.Win32.211 |
TrendMicro | Backdoor.Win64.XWORM.YXEGHZ |
McAfeeD | ti!E88F233B6925 |
FireEye | Gen:Variant.Midie.148833 |
Sophos | Mal/Generic-S |
Ikarus | Win32.Outbreak |
Avira | TR/AVI.Agent.zesgb |
MAX | malware (ai score=87) |
Gridinsoft | Trojan.Win64.Downloader.sa |
Microsoft | Trojan:Win32/Casdet!rfn |
ZoneAlarm | Trojan.Win32.Penguish.ccr |
GData | Gen:Variant.Midie.148833 |
Varist | W64/ABTrojan.HNCH-9321 |
AhnLab-V3 | Trojan/Win.Malware-gen.C5560857 |
DeepInstinct | MALICIOUS |
Panda | Trj/Chgt.AD |
TrendMicro-HouseCall | Backdoor.Win64.XWORM.YXEGHZ |
Fortinet | Adware/Rugmi |
AVG | Win64:Malware-gen |
Paloalto | generic.ml |
alibabacloud | Trojan[downloader]:Win/Rugmi.BS |