Infosec Binary Analysis. updatewin2.exe
- Gillian Atkinson
- 5 years ago
updatewin2.exe
MalScore: 100
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: KB ( bytes)
Compile time: :08:45
MD5: SHA1: Import hash: 996ba35165bb62473d2a6743a5200d b0b5cce95c b8d12a759c234bd2e0 5921adaaf66f8c259aeda9e22686cd4b
Submitted: :48:04
URL(s) file hosting
Antivirus Report
Report date: :24:39
Detection Ratio: 48/71
Permalink:
Import library: SHELL32.dll, KERNEL32.dll, GDI32.dll, USER32.dll
7 Behaviors detected by system signatures
Attempts to repeatedly call a single API many times in order to delay analysis time
- Spam: updatewin2.exe (2696) called API NtClose times
The sample wrote data to the system hosts file.
Creates RWX memory
Possible date expiration check, exits too soon after checking local time
- process: updatewin2.exe, PID 2696
Dynamic (imported) function loading detected
Unconventional language used in binary resources: Serbian
SetUnhandledExceptionFilter detected (possible anti-debug)
ID: 64635 Sample Name: MSM- 24_Supply_List RU_518.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 17::48 Date: 1/06/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection
More informationID: Cookbook: browseurl.jbs Time: 20:27:59 Date: 16/03/2018 Version:
ID: 50646 Cookbook: browseurl.jbs Time: 20:27:59 Date: 16/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Sample Name: wtf.bat Cookbook: default.jbs Time: 18:32:35 Date: 19/05/2018 Version:
ID: 6036 Sample Name: wtf.bat Cookbook: default.jbs Time: 1:32:35 Date: 19/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification
More informationID: Sample Name: Liste1.jar Cookbook: default.jbs Time: 23:20:23 Date: 02/11/2017 Version:
ID: 35936 Sample Name: Liste1.jar Cookbook: default.jbs Time: 23:20:23 Date: 02/11/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence
More informationID: Cookbook: browseurl.jbs Time: 13:46:19 Date: 09/05/2018 Version:
ID: 5702 Cookbook: browseurl.jbs Time: 13:46:19 Date: 09/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Sample Name: SMS_MMS_1.0_1.apk Cookbook: defaultandroidfilecookbook.jbs Time: 14:20:20 Date: 01/12/2017 Version:
ID: 38864 Sample Name: SMS_MMS_1.0_1.apk Cookbook: defaultandroidfilecookbook.jbs Time: 14:20:20 Date: 01/12/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information
More informationID: Cookbook: urldownload.jbs Time: 19:58:34 Date: 02/05/2018 Version:
ID: 57706 Cookbook: urldownload.jbs Time: 19:5:34 Date: 02/05/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version:
ID: 40269 Sample Name: scan00.html Cookbook: default.jbs Time: 22:21:27 Date: 16/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence
More informationOnline Security and Safety Protect Your Computer - and Yourself!
Online Security and Safety Protect Your Computer - and Yourself! www.scscu.com Fraud comes in many shapes and sizes, but the outcome is simple: the loss of both money and time. That s why protecting your
More informationID: Cookbook: browseurl.jbs Time: 15:48:15 Date: 29/03/2018 Version:
ID: 52376 Cookbook: browseurl.jbs Time: 15:4:15 Date: 29/03/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version:
ID: 42417 Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature
More informationID: Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: 13/04/2018 Version: 22.0.
ID: 54478 Sample Name: SSI Set Details.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 01:14:07 Date: /04/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection Confidence
More informationPackage virustotal. May 1, 2017
Title R Client for the VirusTotal API Version 0.2.1 Maintainer Gaurav Sood Package virustotal May 1, 2017 Use VirusTotal, a Google service that analyzes files and URLs for viruses,
More informationID: Cookbook: browseurl.jbs Time: 00:12:30 Date: 24/03/2018 Version:
ID: 51630 Cookbook: browseurl.jbs Time: 00:12:30 Date: 24/03/2018 Version: 22.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationSummary. Verdict: Malware CLASSIFICATION DETECTION SECTION HIGH LEVEL BEHAVIOR DISTRIBUTION ACTIVITY OVERVIEW
Page 1 Summary File Name: LMAOBOXPREMIUM.exe File Type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows SHA1: 24b8d0208fdc46b720d6c07b71949f0ebe792442 MD5: deff401baf9df67d9731da2b98407f14
More informationID: Sample Name: Liste_az.docx Cookbook: defaultwindowsofficecookbook.jbs Time: 00:17:54 Date: 30/12/2017 Version:
ID: 41280 Sample Name: Liste_az.docx Cookbook: defaultwindowsofficecookbook.jbs Time: 00:17:54 Date: 30/12/2017 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview Information
More informationID: Cookbook: browseurl.jbs Time: 14:54:22 Date: 05/09/2018 Version:
ID: 75522 Cookbook: browseurl.jbs Time: 14:54:22 Date: 05/09/2018 Version: 23.0.0 Table of Contents Table of Contents 2 Analysis Report http://www.springdwnld2.com/download/? d=0&h=1&pnid=4&domain=hmapsanddrivingdirection.com&implementation_id=maps_spt_&source=g-ccc7-lp0-
More informationID: Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: 14:36:29 Date: 04/05/2018 Version: 22.0.
ID: 5762 Sample Name: FD-1 Phase Out Notice.doc Cookbook: defaultwindowsofficecookbook.jbs Time: :36:2 Date: 04/05/2018 Version: 22.0.0 Table of Contents Analysis Report Overview Information Detection
More informationID: Cookbook: browseurl.jbs Time: 16:56:06 Date: 13/02/2018 Version:
ID: 46296 Cookbook: browseurl.jbs Time: 16:56:06 Date: 13/02/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationID: Cookbook: browseurl.jbs Time: 10:12:02 Date: 15/01/2018 Version:
ID: 42670 Cookbook: browseurl.jbs Time: 10:12:02 Date: 15/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More information