Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Nov. 8, 2024, 4:57 p.m. | Nov. 8, 2024, 5:04 p.m. |
schtasks.exe "schtasks" /create /tn "Framework" /sc ONLOGON /tr "C:\Users\test22\AppData\Local\Temp\hbfgjhhesfd.exe" /rl HIGHEST /f
2788
Name | Response | Post-Analysis Lookup |
---|---|---|
freegeoip.net | 3.33.130.190 | |
ip-api.com | 208.95.112.1 | |
api.ipify.org | 172.67.74.152 | |
Suricata Alerts
Suricata TLS
No Suricata TLS
domain | api.ipify.org |
domain | ip-api.com |
host | 82.117.243.110 |
dead_host | 82.117.243.110:5173 |
Bkav | W32.AIDetectMalware.CS |
Lionic | Trojan.Win32.Quasar.m!c |
CAT-QuickHeal | Backdoor.MsilFC.S6050939 |
Skyhigh | BehavesLike.Win32.Generic.dh |
Cylance | Unsafe |
VIPRE | Gen:Heur.Ransom.Imps.3 |
CrowdStrike | win/malicious_confidence_100% (W) |
BitDefender | Gen:Heur.Ransom.Imps.3 |
K7GW | Trojan ( 00562f821 ) |
K7AntiVirus | Trojan ( 00562f821 ) |
Arcabit | Trojan.Ransom.Imps.3 |
VirIT | Backdoor.Win32.Quasar.AM |
Symantec | ML.Attribute.HighConfidence |
Elastic | Windows.Trojan.Quasarrat |
ESET-NOD32 | a variant of MSIL/Spy.Agent.AES |
APEX | Malicious |
Avast | MSIL:Rat-B [Trj] |
ClamAV | Win.Trojan.Barys-1 |
Kaspersky | HEUR:Backdoor.MSIL.Quasar.gen |
Alibaba | Backdoor:MSIL/Quasar.afbd63ce |
NANO-Antivirus | Trojan.Win32.PWS.edqjme |
MicroWorld-eScan | Gen:Heur.Ransom.Imps.3 |
Rising | Backdoor.xRAT!1.E17E (CLASSIC) |
Emsisoft | Gen:Heur.Ransom.Imps.3 (B) |
F-Secure | Heuristic.HEUR/AGEN.1307329 |
DrWeb | BackDoor.Quasar.1 |
Zillya | Trojan.Agent.Win32.4005592 |
TrendMicro | TSPY_TINCLEX.SM1 |
McAfeeD | Real Protect-LS!2B3A191EE1F6 |
Trapmine | suspicious.low.ml.score |
CTX | exe.trojan.msil |
Sophos | ATK/Zaquar-D |
SentinelOne | Static AI - Malicious PE |
FireEye | Generic.mg.2b3a191ee1f6d3b2 |
Jiangmin | Backdoor.MSIL.acwb |
Webroot | W32.Trojan.Gen |
Detected | |
Avira | HEUR/AGEN.1307329 |
Antiy-AVL | Trojan[Spy]/Win32.Agent.foqx |
Kingsoft | malware.kb.c.1000 |
Gridinsoft | Trojan.Win32.Agent.sa |
Xcitium | Malware@#2thp9boc5ut0w |
Microsoft | Backdoor:MSIL/Quasar.GG!MTB |
ZoneAlarm | HEUR:Backdoor.MSIL.Quasar.gen |
GData | MSIL.Backdoor.Quasar.D |
Varist | W32/MSIL_Mintluks.A.gen!Eldorado |
AhnLab-V3 | Trojan/Win.Subti.R414075 |
McAfee | GenericRXDY-OW!2B3A191EE1F6 |
TACHYON | Trojan/W32.DN-Agent.295424.M |
DeepInstinct | MALICIOUS |