fraser
Date added: January 16, 2017 6:59 am
Added by: admin
File size: 36 KB
Downloads: 222
SHA256: 4ebc3b4d9517e19a2d47803cc5c68186a95019b63d8efb48d5b8a8c09e5dcd53
File name: Fraser.exe
Detection ratio: 34 / 57
Analysis date: 2017-01-16 06:54:31 UTC ( 1 minute ago )

Avast | Other:Malware-gen [Trj] | 20170116
Avira (no cloud) | DR/Autoit.spflx | 20170115
BitDefender | Trojan.GenericKD.4174671 | 20170116
Comodo | TrojWare.Win32.UMal.xmuve | 20170116
CrowdStrike Falcon (ML) | malicious_confidence_99% (W) | 20161024
ESET-NOD32 | a variant of Win32/Packed.CAB.AE | 20170116
Emsisoft | Trojan.GenericKD.4174671 (B) | 20170116
F-Secure | Trojan.GenericKD.4174671 | 20170116
Fortinet | W32/Generic!tr | 20170116
GData | Trojan.GenericKD.4174671 | 20170116
Invincea | trojan.win32.skeeyah.a!rfn | 20170111
K7AntiVirus | Trojan ( 700000111 ) | 20170115
K7GW | Trojan ( 700000111 ) | 20170116
Kaspersky | Trojan.Win32.Autoit.abeza | 20170116
Malwarebytes | Trojan.Dropper | 20170116
McAfee | Artemis!E6B7BCB0D774 | 20170108
McAfee-GW-Edition | Fareit-FGW!637507265597 | 20170116
eScan | Trojan.GenericKD.4174671 | 20170116
Microsoft | Backdoor:Win32/NetWiredRC.C |

2017-01-15 23:32:14.584440 IP 192.168.1.102.62766 > 192.0.77.17.80: Flags [P.], seq 0:306, ack 1, win 256, length 306: HTTP: GET /6yIk9wSjWP.exe?download=Fraser.exe HTTP/1.1
E..Zff@……..f..M….P..l…..P….o..GET /6yIk9wSjWP.exe?download=Fraser.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: cldup.com
Connection: Keep-Alive
2017-01-15 23:32:29.957578 IP 192.168.1.102.50135 > 75.75.75.75.53: 49661+ A? asril4646.hopto.org. (37)
E..A.!………fKKKK…5.-p…………. asril4646.hopto.org…..
2017-01-15 23:32:29.993815 IP 192.168.1.102.62782 > 185.84.181.73.3478: Flags [S], seq 318334479, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..40.@….2…f.T.I.>….f……. ……………..
2017-01-15 23:32:30.669691 IP 192.168.1.102.62782 > 185.84.181.73.3478: Flags [S], seq 318334479, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..40.@….1…f.T.I.>….f……. ……………..
2017-01-15 23:32:31.343371 IP 192.168.1.102.62782 > 185.84.181.73.3478: Flags [S], seq 318334479, win 8192, options [mss 1460,nop,nop,sackOK], length 0
E..00.@….4…f.T.I.>….f…..p. ………….
2017-01-15 23:32:31.945681 IP 192.168.1.102.62783 > 185.84.181.73.3478: Flags [S], seq 2125490187, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..40.@…./…f.T.I.?..~.h……. .4……………
2017-01-15 23:32:32.615504 IP 192.168.1.102.62783 > 185.84.181.73.3478: Flags [S], seq 2125490187, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..40.@……..f.T.I.?..~.h……. .4……………
2017-01-15 23:32:33.295177 IP 192.168.1.102.62783 > 185.84.181.73.3478: Flags [S], seq 2125490187, win 8192, options [mss 1460,nop,nop,sackOK], length 0
E..00.@….1…f.T.I.?..~.h…..p. .H………..
2017-01-15 23:32:33.919261 IP 192.168.1.102.62784 > 185.84.181.73.3478: Flags [S], seq 3001689288, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..40.@….,…f.T.I.@….$……. .C……………
2017-01-15 23:32:34.598590 IP 192.168.1.102.62784 > 185.84.181.73.3478: Flags [S], seq 3001689288, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..40.@….+…f.T.I.@….$……. .C……………
2017-01-15 23:32:35.269234 IP 192.168.1.102.62784 > 185.84.181.73.3478: Flags [S], seq 3001689288, win 8192, options [mss 1460,nop,nop,sackOK], length 0
E..00.@……..f.T.I.@….$…..p. .W………..
2017-01-15 23:32:45.448924 IP 192.168.1.102.50136 > 75.75.75.75.53: 38377+ A? asril4646.hopto.org. (37)
E..A.”………fKKKK…5.-.,………… asril4646.hopto.org…..