| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| McAfee | Trojan-FFRU!E26F1F9451B7 | 20200408 | 6.0.6.653 |
| Alibaba | 20190527 | 0.3.0.5 | |
| Baidu | 20190318 | 1.0.0.2 | |
| Kingsoft | 20200408 | 2013.8.14.323 | |
| Tencent | Malware.Win32.Gencirc.10b8f3e5 | 20200408 | 1.0.0.1 |
| Avast | Win32:CryptoLocker-B [Trj] | 20200407 | 18.4.3895.0 |
| CrowdStrike | win/malicious_confidence_100% (D) | 20190702 | 1.0 |
| host | 151.139.128.14 | |||
| host | 172.217.24.14 | |||
| host | 52.218.63.28 | |||
| Bkav | W32.RansomwareALTAS.Trojan |
| MicroWorld-eScan | Trojan.Agent.BHTA |
| CAT-QuickHeal | Worm.Gamarue.WR5 |
| McAfee | Trojan-FFRU!E26F1F9451B7 |
| Cylance | Unsafe |
| Zillya | Trojan.Agent.Win32.508499 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Rovnix |
| K7AntiVirus | Trojan ( 004b5c0b1 ) |
| K7GW | Trojan ( 004b5c0b1 ) |
| Cybereason | malicious.451b7a |
| Arcabit | Trojan.Agent.BHTA |
| Invincea | heuristic |
| BitDefenderTheta | Gen:NN.ZexaF.34106.Iq1@aiYvsDki |
| Cyren | W32/Backdoor.KVKX-2352 |
| Symantec | ML.Attribute.HighConfidence |
| TotalDefense | Win32/Cutwail.DFQKcCB |
| APEX | Malicious |
| ClamAV | Win.Malware.Bhta-7598462-0 |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| BitDefender | Trojan.Agent.BHTA |
| NANO-Antivirus | Trojan.Win32.Agent.dnqgjc |
| Rising | Trojan.Win32.Filecoder.v (RDMK:cmRtazqyHUUzKC2sOK0VkjHPq/Ss) |
| Ad-Aware | Trojan.Agent.BHTA |
| Sophos | Troj/Agent-ALOF |
| F-Secure | Trojan.TR/Teerac.A.10 |
| DrWeb | Trojan.Encoder.847 |
| VIPRE | Trojan.Win32.Filecoder.dia (v) |
| McAfee-GW-Edition | Trojan-FFRU!E26F1F9451B7 |
| Trapmine | malicious.moderate.ml.score |
| FireEye | Generic.mg.e26f1f9451b7adc3 |
| Emsisoft | Trojan.Agent.BHTA (B) |
| SentinelOne | DFI - Malicious PE |
| F-Prot | W32/Backdoor2.HWZN |
| Jiangmin | Trojan/Rack.e |
| eGambit | Unsafe.AI_Score_99% |
| Avira | TR/Teerac.A.10 |
| MAX | malware (ai score=86) |
| Antiy-AVL | Trojan/Win32.Agent |
| Microsoft | TrojanDownloader:Win32/Cutwail |
| Endgame | malicious (high confidence) |
| ZoneAlarm | HEUR:Trojan.Win32.Generic |
| GData | Trojan.Agent.BHTA |
| AhnLab-V3 | Trojan/Win32.Xema.R134831 |
| Acronis | suspicious |
| VBA32 | Trojan.Agent |
| ALYac | Trojan.Agent.BHTA |
| Malwarebytes | Ransom.Crypt0L0cker |
| ESET-NOD32 | Win32/Filecoder.TorrentLocker.A |
| Tencent | Malware.Win32.Gencirc.10b8f3e5 |
| Yandex | Trojan.Agent!lgBTD6EvGR4 |
No hosts contacted.
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| time.windows.com |
A 20.189.79.72
CNAME time.microsoft.akadns.net |
|
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| teredo.ipv6.microsoft.com |
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 52.218.63.28 | 80 | 192.168.56.101 | 49187 |
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53237 | 114.114.114.114 | 53 |
| 192.168.56.101 | 53657 | 114.114.114.114 | 53 |
| 192.168.56.101 | 57756 | 114.114.114.114 | 53 |
| 192.168.56.101 | 62318 | 114.114.114.114 | 53 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 123 | 20.189.79.72 time.windows.com | 123 |
| 192.168.56.101 | 49235 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49713 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 50534 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 50568 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51808 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 51963 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 56804 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 57874 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 62191 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 63429 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 1900 | 239.255.255.250 | 1900 |
| 192.168.56.101 | 49714 | 239.255.255.250 | 3702 |
| 192.168.56.101 | 50569 | 239.255.255.250 | 3702 |
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts