| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| McAfee | Artemis!D1A2A3EF3ED6 | 20200823 | 6.0.6.653 |
| Alibaba | TrojanBanker:Win32/IcedID.bdc05119 | 20190527 | 0.3.0.5 |
| CrowdStrike | win/malicious_confidence_60% (W) | 20190702 | 1.0 |
| Avast | Win32:Malware-gen | 20200823 | 18.4.3895.0 |
| Tencent | Win32.Trojan-banker.Icedid.Wqmk | 20200823 | 1.0.0.1 |
| Baidu | 20190318 | 1.0.0.2 | |
| Kingsoft | 20200823 | 2013.8.14.323 |
| pdb_path | c:\listclimb\AlwaysBuy\experienceSupport\GovernWrote\Bothbefore\completehopeFlower.pdb |
| host | 172.217.24.14 | |||
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Trojan.GenericKD.34335134 |
| FireEye | Generic.mg.d1a2a3ef3ed6f8d5 |
| McAfee | Artemis!D1A2A3EF3ED6 |
| Cylance | Unsafe |
| Zillya | Trojan.Slepak.Win32.60 |
| K7AntiVirus | Trojan ( 0056c5491 ) |
| Alibaba | TrojanBanker:Win32/IcedID.bdc05119 |
| K7GW | Trojan ( 0056c5491 ) |
| CrowdStrike | win/malicious_confidence_60% (W) |
| Arcabit | Trojan.Generic.D20BE99E |
| BitDefenderTheta | Gen:NN.ZexaF.34186.Nu0@aKFbIjni |
| Symantec | Trojan Horse |
| ESET-NOD32 | a variant of Win32/GenKryptik.EQBR |
| TrendMicro-HouseCall | TROJ_GEN.R002C0DHB20 |
| Paloalto | generic.ml |
| Kaspersky | Trojan-Banker.Win32.IcedID.twpt |
| BitDefender | Trojan.GenericKD.34335134 |
| NANO-Antivirus | Trojan.Win32.Slepak.hrmmrm |
| ViRobot | Trojan.Win32.Z.Icedid.640000 |
| Avast | Win32:Malware-gen |
| Tencent | Win32.Trojan-banker.Icedid.Wqmk |
| Ad-Aware | Trojan.GenericKD.34335134 |
| Emsisoft | Trojan.GenericKD.34335134 (B) |
| Comodo | TrojWare.Win32.UMal.wwyhq@0 |
| F-Secure | Trojan.TR/Kryptik.lffma |
| VIPRE | Trojan.Win32.Generic!BT |
| TrendMicro | TROJ_GEN.R002C0DHB20 |
| Sophos | Mal/Generic-S |
| Jiangmin | Trojan.Banker.IcedID.ou |
| MaxSecure | Trojan.Malware.104933079.susgen |
| Avira | TR/Kryptik.lffma |
| MAX | malware (ai score=83) |
| Antiy-AVL | Trojan/Win32.GenKryptik |
| Microsoft | Trojan:Win32/IcedId.VSC!MTB |
| AegisLab | Trojan.Win32.IcedID.7!c |
| ZoneAlarm | Trojan-Banker.Win32.IcedID.twpt |
| GData | Trojan.GenericKD.34335134 |
| Cynet | Malicious (score: 85) |
| ALYac | Trojan.IcedID.gen |
| Malwarebytes | Trojan.MalPack |
| APEX | Malicious |
| Rising | Trojan.GenKryptik!8.AA55 (CLOUD) |
| Ikarus | Trojan-Banker.IcedID |
| Fortinet | W32/GenKryptik.EQBR!tr |
| Webroot | W32.Trojan.Gen |
| AVG | Win32:Malware-gen |
| Panda | Trj/GdSda.A |
| Qihoo-360 | Win32/Trojan.abe |
No hosts contacted.
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| discsnooker.best | ||
| felliohreffer.co | ||
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
| teredo.ipv6.microsoft.com | 127.0.0.1 |
No TCP connections recorded.
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 49235 | 114.114.114.114 | 53 |
| 192.168.56.101 | 50534 | 114.114.114.114 | 53 |
| 192.168.56.101 | 51378 | 114.114.114.114 | 53 |
| 192.168.56.101 | 51808 | 114.114.114.114 | 53 |
| 192.168.56.101 | 53237 | 114.114.114.114 | 53 |
| 192.168.56.101 | 53657 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56539 | 114.114.114.114 | 53 |
| 192.168.56.101 | 57874 | 114.114.114.114 | 53 |
| 192.168.56.101 | 58367 | 114.114.114.114 | 53 |
| 192.168.56.101 | 65004 | 114.114.114.114 | 53 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 55368 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 56804 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 60123 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62191 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 1900 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 50535 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 50537 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 56807 | 239.255.255.250 | 1900 |
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts