| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| McAfee | GenericRXLK-OW!DE3E62B322B1 | 20210126 | 6.0.6.653 |
| Alibaba | Backdoor:Win32/Rescoms.eecb792a | 20190527 | 0.3.0.5 |
| Baidu | 20190318 | 1.0.0.2 | |
| Avast | Win32:Malware-gen | 20210126 | 21.1.5827.0 |
| Tencent | Malware.Win32.Gencirc.10cde058 | 20210126 | 1.0.0.1 |
| Kingsoft | 20210126 | 2017.9.26.565 | |
| CrowdStrike | win/malicious_confidence_100% (W) | 20210106 | 1.0 |
| section | .itext |
| host | 172.217.24.14 | |||
| dead_host | 108.160.167.147:443 |
| Bkav | W32.AIDetectVM.malware2 |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Trojan.Agent.ETSV |
| FireEye | Generic.mg.de3e62b322b195e2 |
| McAfee | GenericRXLK-OW!DE3E62B322B1 |
| Cylance | Unsafe |
| Sangfor | Malware |
| K7AntiVirus | Trojan ( 0053ba121 ) |
| Alibaba | Backdoor:Win32/Rescoms.eecb792a |
| K7GW | Trojan ( 0053ba121 ) |
| Cybereason | malicious.322b19 |
| Arcabit | Trojan.Agent.ETSV |
| BitDefenderTheta | Gen:NN.ZelphiF.34780.5KY@a0uOK8mi |
| Cyren | W32/Delf.WRQD-3477 |
| Symantec | ML.Attribute.HighConfidence |
| TrendMicro-HouseCall | TROJ_GEN.R007C0DKG20 |
| Avast | Win32:Malware-gen |
| Kaspersky | HEUR:Exploit.Win32.BypassUAC.gen |
| BitDefender | Trojan.Agent.ETSV |
| NANO-Antivirus | Exploit.Win32.BypassUAC.hnwrzy |
| Paloalto | generic.ml |
| Tencent | Malware.Win32.Gencirc.10cde058 |
| Ad-Aware | Trojan.Agent.ETSV |
| Sophos | Mal/Generic-S |
| Comodo | Malware@#2vuael3uinfbh |
| F-Secure | Trojan.TR/Rescoms.uqvft |
| VIPRE | Trojan.Win32.Generic!BT |
| TrendMicro | TROJ_GEN.R007C0DKG20 |
| McAfee-GW-Edition | GenericRXLK-OW!DE3E62B322B1 |
| SentinelOne | Static AI - Suspicious PE |
| Emsisoft | Trojan.Agent.ETSV (B) |
| APEX | Malicious |
| Jiangmin | Exploit.BypassUAC.bvf |
| eGambit | PE.Heur.InvalidSig |
| Avira | TR/Rescoms.uqvft |
| MAX | malware (ai score=85) |
| Antiy-AVL | Trojan[Exploit]/Win32.BypassUAC |
| Microsoft | Trojan:Win32/RemcosCrypt.ACH!MTB |
| ZoneAlarm | HEUR:Exploit.Win32.BypassUAC.gen |
| GData | Trojan.Agent.ETSV |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Trojan/Win32.BypassUAC.R346175 |
| VBA32 | BScope.Trojan.Wacatac |
| Malwarebytes | Trojan.MalPack.SMY |
| ESET-NOD32 | Win32/Rescoms.B |
| Yandex | Trojan.Igent.bT6jtN.247 |
| Ikarus | Trojan.Inject |
| Fortinet | W32/GenKryptik.EKLE!tr |
| AVG | Win32:Malware-gen |
| Panda | Trj/GdSda.A |
No hosts contacted.
No TCP connections recorded.
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 49235 | 114.114.114.114 | 53 |
| 192.168.56.101 | 50534 | 114.114.114.114 | 53 |
| 192.168.56.101 | 51808 | 114.114.114.114 | 53 |
| 192.168.56.101 | 53657 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56539 | 114.114.114.114 | 53 |
| 192.168.56.101 | 58367 | 114.114.114.114 | 53 |
| 192.168.56.101 | 65004 | 114.114.114.114 | 53 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 123 | 20.189.79.72 time.windows.com | 123 |
| 192.168.56.101 | 55368 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 56804 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 60123 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62191 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 1900 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 56807 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 58368 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 58370 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 58707 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 62192 | 239.255.255.250 | 3702 |
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts