| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| McAfee | Artemis!91639051E605 | 20190925 | 6.0.6.653 |
| Alibaba | 20190527 | 0.3.0.5 | |
| Baidu | 20190318 | 1.0.0.2 | |
| Avast | 20190925 | 18.4.3895.0 | |
| Kingsoft | 20190925 | 2013.8.14.323 | |
| Tencent | 20190925 | 1.0.0.1 | |
| CrowdStrike | 20190702 | 1.0 |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\msvcm90.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\wxmsw30u_adv_vc90_x64.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\wxbase30u_net_vc90_x64.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\python27.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\wxmsw30u_html_vc90_x64.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\wxbase30u_vc90_x64.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\wxmsw30u_core_vc90_x64.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\msvcr90.dll |
| file | C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\_MEI3602\msvcp90.dll |
| McAfee | Artemis!91639051E605 |
| DrWeb | Trojan.Surveyer.160 |
| McAfee-GW-Edition | FakeGame.gen.a |
| TrendMicro-HouseCall | TROJ_GEN.R002H06HN19 |
| Fortinet | Riskware/FakeGame |
| entropy | 6.804602163201875 | section | {'size_of_data': '0x00005600', 'virtual_address': '0x0000c000', 'entropy': 6.804602163201875, 'name': '.rdata', 'virtual_size': '0x00005470'} | description | A section with a high entropy has been found | |||||||||
| entropy | 7.465582661923411 | section | {'size_of_data': '0x0000ee00', 'virtual_address': '0x00025000', 'entropy': 7.465582661923411, 'name': '.rsrc', 'virtual_size': '0x0000ec88'} | description | A section with a high entropy has been found | |||||||||
| entropy | 0.6206896551724138 | description | Overall entropy of this PE file is high | |||||||||||
| host | 172.217.24.14 | |||
No hosts contacted.
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| time.windows.com |
A 20.189.79.72
CNAME time.microsoft.akadns.net |
|
| clients2.google.com |
CNAME clients.l.google.com
A 216.58.200.238 |
216.58.200.238 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| teredo.ipv6.microsoft.com |
No TCP connections recorded.
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53237 | 114.114.114.114 | 53 |
| 192.168.56.101 | 57756 | 114.114.114.114 | 53 |
| 192.168.56.101 | 57874 | 114.114.114.114 | 53 |
| 192.168.56.101 | 60384 | 114.114.114.114 | 53 |
| 192.168.56.101 | 62318 | 114.114.114.114 | 53 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 123 | 20.189.79.72 time.windows.com | 123 |
| 192.168.56.101 | 49235 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49713 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 50534 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51378 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51808 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51963 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 56804 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62191 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 63429 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 1900 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 49240 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 57757 | 239.255.255.250 | 3702 |
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts