SHA256: 69e6f40fa4231edb47d52b5a19de15720b3e5fc19f68bb3060e9b6e06c307d42 File name: doc.exe Detection ratio: 9 / 56 Analysis date: 2016-11-26 23:56:21 UTC ( 0 minutes ago ) CrowdStrike Falcon (ML) malicious_confidence_75% (W) 20161024 ESET-NOD32 NSIS/Injector.KT 20161126 Invincea virus.win32.sality.at 20161018 Kaspersky UDS:DangerousObject.Multi.Generic 20161127 McAfee Artemis!4D4D6D2C7CC6 20161127 McAfee-GW-Edition BehavesLike.Win32.Downloader.dc 20161126 Qihoo-360 HEUR/QVM42.0.0000.Malware.Gen 20161127 Rising Malware.FakePDF@CV!1.6AC1-LyO8PTdeqgK (cloud) 20161126 Symantec Ransom.Cerber 20161127 2016-11-26 17:05:51.661059 IP 192.168.1.102.50496 > 89.33.242.29.80: Flags [P.], seq 0:392, ack 1, win 256, length 392: HTTP: GET /doc.exe HTTP/1.1 E…..@….Y…fY!…@.PQf-.DC..P…”S..GET /doc.exe HTTP/1.1 Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */* Accept-Language: en-us User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Accept-Encoding: gzip, deflate Range: bytes=214078- Unless-Modified-Since: Sat, 26 Nov […]