Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | July 11, 2024, 1:20 p.m. | July 11, 2024, 1:26 p.m. |
- msbuild.exe "C:\Users\test22\AppData\Local\Temp\msbuild.exe" 1072
- explorer.exe C:\Windows\Explorer.EXE 1236
Name | Response | Post-Analysis Lookup |
---|---|---|
sexapp.cc | 43.135.32.151 |
Suricata Alerts
Flow | SID | Signature | Category |
---|---|---|---|
UDP 192.168.56.103:64894 -> 164.124.101.2:53 | 2027758 | ET DNS Query for .cc TLD | Potentially Bad Traffic |
Suricata TLS
No Suricata TLS
pdb_path | F:\asdasd\x64\Output\Release\teger.pdb |
section | _RDATA |
domain | sexapp.cc | description | Cocos Islands domain TLD |
file | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sexaps.lnk |
Bkav | W64.AIDetectMalware |
ESET-NOD32 | a variant of Win64/Agent.VV |
Rising | Trojan.Agent!8.B1E (CLOUD) |
McAfeeD | ti!E19DE62C82F4 |
Ikarus | Trojan.Win64.Agent |
DeepInstinct | MALICIOUS |
Tencent | Win64.Trojan.Agent.Nsmw |
MaxSecure | Trojan.Malware.300983.susgen |
Fortinet | PossibleThreat.MU |
Paloalto | generic.ml |