- Spawned process "pev.3XE" with commandline "C:\32788R22FWJFW\PEV.3XE RIMPORT C:\32788R22FWJFW\EXE.reg"
- Spawned process "ns96C.tmp" with commandline "C:\32788R22FWJFW\PEV.3XE RIMPORT C:\32788R22FWJFW\EXE.reg"
- YARA signature "RSharedStrings" classified process "9f025213db820352df7b27a5dffdef8a.EXE" as "surtr" based on indicators: "soul" (Author: Katie Kleemola)
- YARA signature "SurtrStrings" classified process "9f025213db820352df7b27a5dffdef8a.EXE" as "surtr" based on indicators: "LiveUpdata_Mem\" (Author: Katie Kleemola)
- YARA signature "SurtrStrings" classified file "List-B.bat" as "surtr" based on indicators: "LiveUpdata_Mem\" (Author: Katie Kleemola)
- YARA signature "UPX" classified file "9f025213db820352df7b27a5dffdef8a.EXE" as "upx" based on indicators: "UPX0,UPX1,UPX!" (Author: Kevin Breen)
- YARA signature "T5000Strings" classified file "List.bat" as "T5000" based on indicators: "Dtl.dat" (Author: Seth Hardy)
- YARA signature "SurtrStrings" classified file "setpath_N.cmd" as "surtr" based on indicators: "Burn\" (Author: Katie Kleemola)
- YARA signature "UPX" classified file "" as "upx" based on indicators: "UPX0,UPX1,UPX!" (Author: Kevin Breen)
- 7/84 Antivirus vendors marked spawned process "" (PID: 3824) as malicious (classified as "Riskware" with 8% detection rate)
- 1/84 Antivirus vendors marked spawned process "pev.3XE" (PID: 3756) as malicious (classified as "Malware.Generic" with 1% detection rate)
- 1/84 Antivirus vendors marked spawned process "hidec.3XE" (PID: 3212) as malicious (classified as "Malware.Generic" with 1% detection rate)
- 1/84 Antivirus vendors marked spawned process "pev.3XE" (PID: 3368) as malicious (classified as "Malware.Generic" with 1% detection rate)
- 1/84 Antivirus vendors marked spawned process "pev.3XE" (PID: 1932) as malicious (classified as "Malware.Generic" with 1% detection rate)
- 1/84 Antivirus vendors marked spawned process "pev.3XE" (PID: 3884) as malicious (classified as "Malware.Generic" with 1% detection rate)
- 1/84 Antivirus vendors marked spawned process "hidec.3XE" (PID: 2884) as malicious (classified as "Malware.Generic" with 1% detection rate)