| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| McAfee | Artemis!9477D2968DAE | 20201211 | 6.0.6.653 |
| Alibaba | Trojan:Win32/Tinba.4c15bad9 | 20190527 | 0.3.0.5 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20190702 | 1.0 |
| Baidu | Win32.Trojan.Kryptik.aww | 20190318 | 1.0.0.2 |
| Kingsoft | 20201211 | 2017.9.26.565 | |
| Avast | Win32:Malware-gen | 20201210 | 21.1.5827.0 |
| Tencent | Malware.Win32.Gencirc.10cdcede | 20201211 | 1.0.0.1 |
| entropy | 7.7433426877751605 | section | {'size_of_data': '0x00001000', 'virtual_address': '0x00019000', 'entropy': 7.7433426877751605, 'name': '.rsrc', 'virtual_size': '0x00001000'} | description | A section with a high entropy has been found | |||||||||
| section | UPX0 | description | Section name indicates UPX | ||||||
| section | UPX1 | description | Section name indicates UPX | ||||||
| host | 113.108.239.196 | |||
| host | 172.217.24.14 | |||
| dead_host | 192.168.56.101:49185 |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Gen:Variant.Graftor.497753 |
| FireEye | Generic.mg.9477d2968daefcb9 |
| McAfee | Artemis!9477D2968DAE |
| Cylance | Unsafe |
| Zillya | Trojan.Generic.Win32.1000076 |
| AegisLab | Trojan.Win32.Generic.4!c |
| Sangfor | Malware |
| K7AntiVirus | Riskware ( 0040eff71 ) |
| Alibaba | Trojan:Win32/Tinba.4c15bad9 |
| K7GW | Riskware ( 0040eff71 ) |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Arcabit | Trojan.Graftor.D79859 |
| Cyren | W32/Trojan.FLWR-7992 |
| Symantec | ML.Attribute.HighConfidence |
| Baidu | Win32.Trojan.Kryptik.aww |
| Paloalto | generic.ml |
| ClamAV | Win.Trojan.Tinba-6390856-0 |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| BitDefender | Gen:Variant.Graftor.497753 |
| APEX | Malicious |
| Rising | Trojan.Kryptik!1.A6CB (CLASSIC) |
| Ad-Aware | Gen:Variant.Graftor.497753 |
| Sophos | Mal/Generic-S |
| Comodo | Packed.Win32.MUPX.Gen@24tbus |
| VIPRE | Trojan.Win32.Generic!BT |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.cm |
| Emsisoft | Gen:Variant.Graftor.497753 (B) |
| Ikarus | Trojan.Win32.Tinba |
| Jiangmin | Trojan.Generic.ekaor |
| eGambit | Unsafe.AI_Score_53% |
| Antiy-AVL | Trojan/Win32.Tinba |
| Microsoft | Trojan:Win32/Tinba.DSK!MTB |
| ZoneAlarm | HEUR:Trojan.Win32.Generic |
| GData | Gen:Variant.Graftor.497753 |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Trojan/Win32.Generic.C3679561 |
| ALYac | Gen:Variant.Graftor.497753 |
| MAX | malware (ai score=82) |
| Avast | Win32:Malware-gen |
| Tencent | Malware.Win32.Gencirc.10cdcede |
| SentinelOne | Static AI - Suspicious PE |
| MaxSecure | Trojan.Malware.7164915.susgen |
| Fortinet | W32/Agent.BB50!tr |
| AVG | Win32:Malware-gen |
| Cybereason | malicious.68daef |
| Panda | Trj/CI.A |
| Qihoo-360 | Win32/Trojan.e6d |
No hosts contacted.
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
| teredo.ipv6.microsoft.com | 127.0.0.1 |
No TCP connections recorded.
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 49235 | 114.114.114.114 | 53 |
| 192.168.56.101 | 50534 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56539 | 114.114.114.114 | 53 |
| 192.168.56.101 | 65004 | 114.114.114.114 | 53 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 55368 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 56804 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 60123 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62191 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 1900 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 56540 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 56807 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 58707 | 239.255.255.250 | 3702 |
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts