Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Aug. 8, 2024, 2:04 p.m. | Aug. 8, 2024, 2:08 p.m. |
irsetup.exe "C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1917298 "__IRAFN:C:\Users\test22\AppData\Local\Temp\latest.exe" "__IRCT:0" "__IRTSS:0" "__IRSID:S-1-5-21-3832866432-4053218753-3017428901-1001"
2144
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. | | |

IP Address | Status | Action |
---|---|---|
No hosts contacted. | | |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
file | C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe |
file | C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll |
Description | Rule |
---|---|
Take ScreenShot | ScreenShot |
(no description) | DebuggerCheck__GlobalFlags |
(no description) | DebuggerCheck__QueryInfo |
(no description) | DebuggerHiding__Thread |
(no description) | DebuggerHiding__Active |
(no description) | ThreadControl__Context |
(no description) | SEH__vectored |
Checks if being debugged | anti_dbg |
Bypass DEP | disable_dep |
File Downloader | Network_Downloader |
file | C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe |
Engine | Detection |
---|---|
Bkav | W32.Common.DFE390B7 |
CAT-QuickHeal | Trojan.Agent |
ALYac | Trojan.GenericKD.73323541 |
Cylance | Unsafe |
VIPRE | Trojan.GenericKD.73323541 |
BitDefender | Trojan.GenericKD.73323541 |
Cybereason | malicious.18c30c |
Arcabit | Trojan.Generic.D45ED415 |
ESET-NOD32 | multiple detections |
McAfee | Artemis!664CEBE18C30 |
Avast | Win64:MalwareX-gen [Trj] |
MicroWorld-eScan | Trojan.GenericKD.73323541 |
Rising | Trojan.Kryptik!8.8 (CLOUD) |
Emsisoft | Trojan.GenericKD.73323541 (B) |
F-Secure | Trojan.TR/AVI.Agent.zobmy |
McAfeeD | ti!4D38D3EC76C4 |
FireEye | Trojan.GenericKD.73323541 |
Sophos | Mal/Generic-S |
Avira | TR/AVI.Agent.zobmy |
MAX | malware (ai score=87) |
GData | Trojan.GenericKD.73323541 |
DeepInstinct | MALICIOUS |
Ikarus | Trojan.WinGo.Coinminer |
TrendMicro-HouseCall | TROJ_GEN.R002H0CH524 |
Fortinet | Riskware/Application |
AVG | Win64:MalwareX-gen [Trj] |