SHA256: edf9fd11f47c914459f673a5c635801208c14217a6d714f6b60b7ce4b62e54d8
File name: read.php
Detection ratio: 10 / 57
Analysis date: 2017-01-16 07:37:11 UTC (0 minutes ago)

Engine                   Result                                      Update
AhnLab-V3                Trojan/Win32.Cerber.C1748597                20170116
Avast                    Win32:Malware-gen                           20170116
Avira (no cloud)         TR/Crypt.Xpack.amsqc                        20170116
Baidu                    Win32.Trojan.WisdomEyes.16070401.9500.9985  20170116
CrowdStrike Falcon (ML)  malicious_confidence_100% (D)               20161024
ESET-NOD32               a variant of Win32/Injector.DJVO            20170116
Invincea                 worm.win32.kasidet.f                        20170111
Kaspersky                UDS:DangerousObject.Multi.Generic           20170116
Qihoo-360                HEUR/QVM42.0.0000.Malware.Gen               20170116
Rising                   Malware.Generic!YNz7NgPxwWG@1 (thunder)     20170116

2017-01-15 23:39:23.889013 IP 192.168.1.102.62841 > 35.161.229.79.80: Flags [P.], seq 0:293, ack 1, win 256, length 293: HTTP: GET /read.php?f=0.dat HTTP/1.1
E..M=.@….}…f#..O.y.P.8..2>..P…>…GET /read.php?f=0.dat HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
[…]