Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Sept. 7, 2024, 5:04 p.m. | Sept. 7, 2024, 5:06 p.m. |
javaw.exe "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\test22\AppData\Local\Temp\VjX.jar"
2780
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
file | C:\Users\test22\AppData\Local\Temp\VjX.jar |
parent_process | wscript.exe | martian_process | "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\test22\AppData\Local\Temp\VjX.jar" |
parent_process | wscript.exe | martian_process | C:\Users\test22\AppData\Local\Temp\VjX.jar |
Lionic | Trojan.Script.Cryxos.b!c |
Cynet | Malicious (score: 99) |
Skyhigh | BehavesLike.JS.Exploit.fm |
ALYac | JS:Trojan.Cryxos.5674 |
VIPRE | JS:Trojan.Cryxos.5674 |
Arcabit | JS:Trojan.Cryxos.D162A |
Symantec | JS.Downloader |
ESET-NOD32 | JS/TrojanDropper.Agent.OEY |
Avast | JS:Dropper-AADL [Drp] |
Kaspersky | HEUR:Trojan-Dropper.Script.Generic |
BitDefender | JS:Trojan.Cryxos.5674 |
NANO-Antivirus | Trojan.Script.Dropper.jpdkao |
MicroWorld-eScan | JS:Trojan.Cryxos.5674 |
Emsisoft | JS:Trojan.Cryxos.5674 (B) |
F-Secure | Malware.JS/Dldr.G8 |
TrendMicro | HEUR_JS.O.ELBP |
FireEye | JS:Trojan.Cryxos.5674 |
Ikarus | Trojan-Dropper.JS.Agent |
Detected | |
Avira | JS/Dldr.G8 |
MAX | malware (ai score=88) |
Microsoft | Trojan:Script/Wacatac.B!ml |
GData | JS:Trojan.Cryxos.5674 |
Varist | JS/Agent.AXL!Eldorado |
Tencent | Script.Trojan-Dropper.Generic.Adhl |
huorong | TrojanDropper/JS.Agent.bi |
AVG | JS:Dropper-AADL [Drp] |
alibabacloud | Trojan[dropper]:Javascript/Cryxos.Gen |
count | 2544 | name | heapspray | process | javaw.exe | total_mb | 636 | length | 262144 | protection | PAGE_READWRITE |
file | C:\Program Files\Java\jre7\bin\javaw.exe |