Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Aug. 10, 2024, 12:26 p.m. | Aug. 10, 2024, 12:28 p.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
download.cpuid.com | CNAME cpuz01.cpuid.com | 195.154.81.43 |
x1.i.lencr.org | 23.35.220.247 |
Suricata Alerts
No Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLS 1.3 192.168.56.103:49166 195.154.81.43:443 | None | None | None |
TLS 1.3 192.168.56.103:49167 195.154.81.43:443 | None | None | None |
TLS 1.3 192.168.56.103:49163 195.154.81.43:443 | None | None | None |
section | .qtmetad |
section | .qtmimed |
request | GET http://x1.i.lencr.org/ |
section | {u'size_of_data': u'0x00051800', u'virtual_address': u'0x00c6c000', u'entropy': 7.99756120407481, u'name': u'.qtmimed', u'virtual_size': u'0x000517ca'} | entropy | 7.99756120407 | description | A section with a high entropy has been found |
registry | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F81F111D0E5AB58D396F7BF525577FD30FDC95AA\Blob |
Lionic | Adware.Win32.OpenSUpdater.2!c |
ALYac | Application.OpenSUpdater.AJ |
VIPRE | Application.OpenSUpdater.AJ |
BitDefender | Application.OpenSUpdater.AJ |
Cybereason | malicious.cd335f |
Arcabit | Application.OpenSUpdater.AJ |
Symantec | ML.Attribute.HighConfidence |
McAfee | Artemis!364045DCD335 |
Avast | Win32:AdwareX-gen [Adw] |
Kaspersky | UDS:DangerousObject.Multi.Generic |
MicroWorld-eScan | Application.OpenSUpdater.AJ |
Rising | Adware.OpenSUpdater!8.C9C (CLOUD) |
Emsisoft | Application.OpenSUpdater.AJ (B) |
McAfeeD | ti!DC5B6EBCF502 |
FireEye | Application.OpenSUpdater.AJ |
Sophos | Generic Reputation PUA (PUA) |
Antiy-AVL | GrayWare[AdWare]/Win32.OpenSUpdater |
GData | Application.OpenSUpdater.AJ |
DeepInstinct | MALICIOUS |
Malwarebytes | Adware.SpecialSearchOffer |
Ikarus | PUA.OpenSUpdater |
Fortinet | Riskware/Application |
AVG | Win32:AdwareX-gen [Adw] |