"DriverPack.exe" wrote 1500 bytes to a remote process "C:\Windows\System32\mshta.exe" (Handle: 440)
"" wrote 52 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\7ZipSfx.000\DriverPack.exe" (Handle: 592)
"" wrote 32 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\7ZipSfx.000\DriverPack.exe" (Handle: 592)
"" wrote 4 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\7ZipSfx.000\DriverPack.exe" (Handle: 592)
"" wrote 1500 bytes to a remote process "%TEMP%\7ZipSfx.000\DriverPack.exe" (Handle: 592)
"" wrote 4 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 592)
"" wrote 52 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 592)
"" wrote 32 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 592)
"" wrote 4 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 672)
"" wrote 52 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 672)
"" wrote 32 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 672)
Sample was identified as malicious by a large number of Antivirus engines
su TLD (Soviet Union) Often Malware Related" (SID: 2014170, Rev: 2, Severity: 1) categorized as "A Network Trojan was detected"
Detected alert "ET CURRENT_EVENTS Possible Malicious Macro DL EXE Feb 2016 (WinHTTPRequest)" (SID: 2022658, Rev: 4, Severity: 1) categorized as "A Network Trojan was detected" (Phishing, Exploit Kits)
Detected alert "ET POLICY PE EXE or DLL Windows file download HTTP" (SID: 2018959, Rev: 3, Severity: 1) categorized as "Potential Corporate Privacy Violation"
Detected alert "ET TROJAN HTTP Executable Download from suspicious domain with direct request/fake browser (multiple families) " (SID: 2018572, Rev: 2, Severity: 1) categorized as "A Network Trojan was detected" (Backdoor, ransomware, trojans, etc.)
Detected alert "ET CURRENT_EVENTS WinHttpRequest Downloading EXE" (SID: 2019822, Rev: 7, Severity: 1) categorized as "A Network Trojan was detected" (Phishing, Exploit Kits)
Detected alert "ET POLICY HTTP Request to.