Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Aug. 1, 2024, 3:13 p.m. | Aug. 1, 2024, 3:15 p.m. |
-
lasjdflakdsjf.pdf.exe "C:\Users\test22\AppData\Local\Temp\lasjdflakdsjf.pdf.exe"
2548
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
156.224.22.247 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
section | .symtab |
host | 156.224.22.247 |
Bkav | W64.AIDetectMalware |
Skyhigh | BehavesLike.Win64.HToolWinGo.rh |
Cylance | unsafe |
Elastic | malicious (high confidence) |
ESET-NOD32 | a variant of WinGo/Agent.RH |
Ikarus | Trojan.WinGo.Agent |
Detected | |
Antiy-AVL | Trojan/Win32.Wacatac |
Microsoft | Trojan:Win32/Wacatac.B!ml |
DeepInstinct | MALICIOUS |
SentinelOne | Static AI - Suspicious PE |
MaxSecure | Trojan.Malware.300983.susgen |
Fortinet | W32/Agent.RH!tr |
alibabacloud | Trojan:Multi/Agent.RH |