821Exes_73c33154d589546549f1fa2140019ca3_jpg_2019-09-03_15_30.txt

1.  
2. * ID: 821
3. * MalFamily: ""
4.  
5. * MalScore: 3.75
6.  
7. * File Name: "Exes_73c33154d589546549f1fa2140019ca3.jpg"
8. * File Size: 842240
9. * File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
10. * SHA256: "16152fb9324e2d5e627431a65745c550c4dca40c5fb870319aa2e687cb1e7edf"
11. * MD5: "73c33154d589546549f1fa2140019ca3"
12. * SHA1: "733d1269acddbe62617d3a5ed411d27e40a1a1e6"
13. * SHA512: "9013f151db27159d2d3161d29132efbb6907ebd55eaac152e6946b7b790d6747bc09c683d92bf7197fb77e2442ac0d2f9c1a58c8af718a88412ef050c9d79ed1"
14. * CRC32: "F93EC6CD"
15. * SSDEEP: "12288:NOmeh4c6MYRUOMvnashygy8BfssWBvVY/9SV2ppETYy8TzlK67E4hpgMfx:NC4c6MFh8sWBvV8FKYVlKi/p"
16.  
17. * Process Execution:
18.  
19. * Executed Commands:
20.  
21. * Signatures Detected:
22.  
23. "Description": "File has been identified by 9 Antiviruses on VirusTotal as malicious",
24. "Details":
25.  
26. "TrendMicro": "TrojanSpy.Win32.TRICKBOT.SMKA"
27.  
28.  
29. "APEX": "Malicious"
30.  
31.  
32. "Endgame": "malicious (high confidence)"
33.  
34.  
35. "AhnLab-V3": "Unwanted/Win32.Agent.R289865"
36.  
37.  
38. "ESET-NOD32": "a variant of Win32/GenKryptik.DRVY"
39.  
40.  
41. "TrendMicro-HouseCall": "TrojanSpy.Win32.TRICKBOT.SMKA"
42.  
43.  
44. "Rising": "Trojan.Casur!8.10E51 (TFE:5:Od3el7JnfgC)"
45.  
46.  
47. "Ikarus": "Trojan.Win32.Trickbot"
48.  
49.  
50. "Fortinet": "W32/GenKryptik.DRVY!tr"
51.  
52.  
53.  
54.  
55.  
56. * Started Service:
57.  
58. * Mutexes:
59.  
60. * Modified Files:
61.  
62. * Deleted Files:
63.  
64. * Modified Registry Keys:
65.  
66. * Deleted Registry Keys:
67.  
68. * DNS Communications:
69.  
70. * Domains:
71.  
72. * Network Communication - ICMP:
73.  
74. * Network Communication - HTTP:
75.  
76. * Network Communication - SMTP:
77.  
78. * Network Communication - Hosts:
79.  
80. * Network Communication - IRC: