- * ID: 1490
- * MalFamily: "Ursu"
- * MalScore: 4.0
- * File Name: "Trickbot_75fae04dee012e8687c5c1f5ffdf0d30.php"
- * File Size: 364544
- * File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
- * SHA256: "a6ea87baba2153a7f37d47d1b5b9106b30d25846e60005c668c7f18c941eeea1"
- * MD5: "75fae04dee012e8687c5c1f5ffdf0d30"
- * SHA1: "7ced1cddac351b20d41e0e7b2461bf628df867f3"
- * SHA512: "a7bcb671e863490de169cc81b3f9bd3d77a9a65023e5e8ce4b9b484c08daac96d82e595f1acf415e12fe30199c089f377f0b2433bb58f1de0289702943cb23af"
- * CRC32: "09C06A0E"
- * SSDEEP: "6144:raf97jq53SGgNnurUGgTTUYZbKXDMtVwrvNoQg/SifIbwHPWJQB:Q97turC7ZbKXDGVwr1oQg/DI4Wu"
- * Process Execution:
- * Executed Commands:
- * Signatures Detected:
- "Description": "File has been identified by 8 Antiviruses on VirusTotal as malicious",
- "Details":
- "MicroWorld-eScan": "Gen:Variant.Ursu.590370"
- "Cylance": "Unsafe"
- "BitDefender": "Gen:Variant.Ursu.590370"
- "APEX": "Malicious"
- "Paloalto": "generic.ml"
- "FireEye": "Gen:Variant.Ursu.590370"
- "Emsisoft": "Gen:Variant.Ursu.590370 (B)"
- "MAX": "malware (ai score=81)"
- "Description": "The binary likely contains encrypted or compressed data.",
- "Details":
- "section": "name: .rsrc, entropy: 7.79, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ, raw_size: 0x00030000, virtual_size: 0x0002fd34"
- * Started Service:
- * Mutexes:
- * Modified Files:
- * Deleted Files:
- * Modified Registry Keys:
- * Deleted Registry Keys:
- * DNS Communications:
- * Domains:
- * Network Communication - ICMP:
- * Network Communication - HTTP:
- * Network Communication - SMTP:
- * Network Communication - Hosts:
- * Network Communication - IRC: