Professional Documents
Culture Documents
URL: https://baessavans.com.br/new/auth/qyXi////c/7/eyJhaSI6NzkwNDIxOTksImUiOiJBTEBTVU5TQVRJT05BTFNJR05TLkNPTSIsInJpIjoiMTAwNjYzNzM3MyIsInJxIjoiMDItYjIzMDk1LWZkMjlmND
M2NDZiMzRiMWY4MTgxMTdmMzY2ZGU2NjlkIiwicGgiOm51bGwsIm0iOmZhbHNlLCJ1aSI6IjU5IiwidW4iOiJsb2dvLXRvcCIsInUiOiJodHRwczovL3d3dy50LW1vYmlsZS5jb20vP2NtcGlkPUNSTV9
FTV9FTUFJTF9TN1oxUjZNQlBBSFo1TVBNOTQ3MTI2In0/eW9uZ2hvd2VAZWRnZW50YS5jb20=
Indicators:
MD5: 88D57DEE8389C16EAC589201DFC5D0ED
SHA1: F7109D01871B269386EC39ABC1C759598A87571D
SHA256: 1F019999793EB4ED8C2DEC155021A2E7FC913B3D6313D702AF46C13C8B393E8B
SSDEEP: 6:2eD24ledly+Y9cKtmOnXZ0CRVmzNtAleVG8903h2WEuxnp2iqnBBalY:2qadYyROnXZbixtA8GHxOuppJqqY
Launch configuration
Task duration: 60 seconds Heavy Evasion option: off Network geolocation: off
Additional time used: none MITM proxy: off Privacy: Public submission
Network: on
CCleaner (5.74)
CCleaner (5.74)
Behavior activities
MALICIOUS SUSPICIOUS INFO
No malicious indicators. No suspicious indicators. Application launched itself
iexplore.exe (PID: 1588)
Malware configuration
No Malware configuration.
Static information
No data.
37 2 0 0
Behavior graph
Specs description
Program did not start Low-level access to the HDD Process was added to the startup Debug information is available
Probably Tor was used Behavior similar to spam Task has injected processes Executable file was dropped
Known threat RAM overrun Network attacks were detected Integrity level elevation
Connects to the network CPU overrun Process starts the services System was rebooted
File is detected by antivirus software Inspected object has suspicious PE Behavior similar to exploiting Task contains an error or was
structure the vulnerability rebooted
Process information
Information
User: admin Company: Microsoft Corporation
Information
Registry activity
Total events Read events Write events Delete events
14 573 14 493 78 2
Modification events
Value: 0
Value: 30847387
Value: 30847437
Value: Cookie:
Value: Visited:
Value: 0
Value: 1
Value: 1
Value: 1
Value: 0
Files activity
Executable files Suspicious files Text files Unknown types
0 16 7 1
Dropped files
Network activity
HTTP(S) requests TCP/UDP connections DNS requests Threats
11 23 12 0
HTTP requests
Connections
DNS requests
Domain IP Reputation
Threats
No threats detected