Malicious artifacts seen in the context of a contacted hostįound malicious artifacts related to "89.185.44.100" (ASN: 8426, Owner: ClaraNET LTD).
The analysis spawned a process that was identified as maliciousĤ/61 Antivirus vendors marked spawned process "" (PID: 3440) as malicious (classified as "DangerousObject.Multi" with 6% detection rate)Ħ/60 Antivirus vendors marked spawned process "Loader.exe" (PID: 3484) as malicious (classified as "" with 10% detection rate)ĥ/61 Antivirus vendors marked spawned process "Bruteforce.exe" (PID: 3644) as malicious (classified as "" with 8% detection rate)Ĥ7/61 Antivirus vendors marked spawned process "Loader.exe" (PID: 2040) as malicious (classified as "Trojan.Generic" with 77% detection rate)ĥ8/61 Antivirus vendors marked spawned process "Combine Bank BruteChecker by FPSrv.exe" (PID: 3704) as malicious (classified as "Trojan.Zbot" with 95% detection rate)Ĥ4/61 Antivirus vendors marked spawned process "drv_install?x86?.exe" (PID: 3696) as malicious (classified as "Gen:Variant.Strictor" with 72% detection rate)ĥ8/61 Antivirus vendors marked spawned process "DesktopLayer.exe" (PID: 3732) as malicious (classified as "Trojan.Zbot" with 95% detection rate)ĥ0/84 Antivirus vendors marked spawned process "xpsrchv.exe" (PID: 1820) as malicious (classified as "Trojan.Generic" with 59% detection rate)ĥ0/84 Antivirus vendors marked spawned process "xpsrchv.exe" (PID: 2940) as malicious (classified as "Trojan.Generic" with 59% detection rate)ĥ0/84 Antivirus vendors marked spawned process "xpsrchv.exe" (PID: 2812) as malicious (classified as "Trojan.Generic" with 59% detection rate) 6/60 Antivirus vendors marked dropped file "Loader.exe" as malicious (classified as "" with 10% detection rate)ģ4/85 Antivirus vendors marked dropped file "WUDLicense.exe" as malicious (classified as "Application.RemoteAdmin" with 40% detection rate)Ĥ7/61 Antivirus vendors marked dropped file "Loader.exe" as malicious (classified as "Trojan.Generic" with 77% detection rate)Ĥ/83 Antivirus vendors marked dropped file "webmvorbisencoder.dll" as malicious (classified as "Generic.Generic" with 4% detection rate)Ģ/83 Antivirus vendors marked dropped file "vp8encoder.dll" as malicious (classified as "W32.HfsAdware" with 2% detection rate)ĥ/61 Antivirus vendors marked dropped file "Bruteforce.exe" as malicious (classified as "" with 8% detection rate)Ģ/83 Antivirus vendors marked dropped file "vp8decoder.dll" as malicious (classified as "W32.HfsAdware" with 2% detection rate)ĥ0/84 Antivirus vendors marked dropped file "xpsrchv.exe" as malicious (classified as "Trojan.Generic" with 59% detection rate)
0 kommentar(er)
