Report #5818

Binary
DLL
False
Size
60.10KB
trid
38.2% UPX compressed Win32 Executable
37.5% Win32 EXE Yoda's Crypter
9.2% Win32 Dynamic Link Library
6.3% Win32 Executable
2.8% OS/2 Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
3b0532e1261a9a84a8010cb6a8a62bd9
sha1
bb31e7cd7551b483441272316966d4b86e6a5b3d
crc32
0x73094c37
sha224
7c6eb0cd917e306d3a0a6a2e579a08f3acc442e7c4aba2dbb52e6fa8
sha256
8f521bd91b3102a13cd086fffe41aef660dbfc7c762b24e3c1afb93e45f7d11c
sha384
941833e20878c62256dd29c8b45f41669429f2ff302a9356d26b9ae6588496d3746a445b28b055b98bd74de0533b7ae9
sha512
e4579799f9a1978399570866775857d09f62b5e0440cab5ea304c2311e16664466f4b9fc2789ff8013b019f0425b6ab5fbf119ab9a8209120bcb9e3c7eec8cf0
ssdeep
1536:Ai5XPnyqNuhR9CfN0KHxCc0h/dpk/hLbaNzoScf:Ai5XvuhR9OygSl2/VuoScf
Community
Google
False
HashLib
False
YARA
Matches
domain, UPX_wwwupxsourceforgenet, screenshot, UPX_wwwupxsourceforgenet_additional, url, HasRichSignature, contentis_base64, yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h, UPXv20MarkusLaszloReiser, UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser, HasOverlay, UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay, UPX, IP, IsPE32, PackerUPX_CompresorGratuito_wwwupxsourceforgenet, IsWindowsGUI, UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional, IsPacked

Suspicious
True

Strings
List

Foremost
Matches
109.zip, 5 KB, 0.exe, 48 KB, 38.png, 19 KB
Suspicious
True
Heuristics
IPs
hasIPs: False
Allowed
Suspicious
hasAllowed: False
hasSuspicious: False

URLs
Allowed
hasURLs: True
Suspicious: http://nsis.sf.t/ns
hasAllowed: False
hasSuspicious: True

Files
Allowed: ADVAPI32.dll, KERNEL32.DLL, USER32.dll, SHELL32.dll, VERSION.dll, COMCTL32.dll, GDI32.dll, ole32.dll
hasFiles: True
Suspicious
hasAllowed: True
hasSuspicious: False

Binary
Sizes
RVA
RVA: 16
Suspicious: False
Code
Size: 32768
Suspicious: False
Image
Address: 4194304
Suspicious: False
Stack
Stack: 4096
Suspicious: False
Headers
Headers: 4096
Suspicious: False
Suspicious: False

Symbols
Number
Number: 0
Suspicious: True
Pointer
Pointer: 0
Suspicious: True
Directories
Number: 16
Suspicious: False

Checksum
Value: 0
Suspicious: True

Sections
Allowed: .rsrc
Suspicious: upx0, upx1
hasAllowed: True
hasSections: True
hasSuspicious: True

Versions
OS
Version: 4
Suspicious: False
Image
Version: False
Suspicious: 4
Linker
Version: 6.0
Suspicious: False
Subsystem
Version: 4.0
Suspicious: False
Suspicious: False

EntryPoint
Address: 217776
Suspicious: False

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True

Libraries
Allowed: advapi32.dll, kernel32.dll, user32.dll, shell32.dll, version.dll, comctl32.dll, gdi32.dll, ole32.dll
hasLibs: True
Suspicious
hasAllowed: True
hasSuspicious: False

Timestamp
Past: False
Valid: True
Value: 2009-12-05 20:50:46
Future: False

Compilation
Packed: True
Missing: False
Packers: UPX -> www.upx.sourceforge.net
Compiled: False
Compilers

Obfuscation
XOR: False
Fuzzing: False

PEDetector
Matches
None
Suspicious
False
Disassembly
hasTricks
True
Tricks
pushret
none: 41
.rsrc: 10

pushpopmath
none: 19
.rsrc: 5

garbagebytes
none: 14
.rsrc: 1

software breakpoint
none: 1

programcontrolflowchange
none: 14
.rsrc: 1

AVclass
genericgb
1
VirusTotal
md5
3b0532e1261a9a84a8010cb6a8a62bd9
sha1
bb31e7cd7551b483441272316966d4b86e6a5b3d
SCANS (DETECTION RATE = 60.29%)
AVG
result: Java:Malware-gen [Trj]
update: 20180723
version: 18.4.3895.0
detected: True

CMC
update: 20180722
version: 1.1.0.977
detected: False

MAX
result: malware (ai score=98)
update: 20180723
version: 2017.11.15.1
detected: True

Bkav
update: 20180719
version: 1.3.0.9466
detected: False

K7GW
result: Trojan-Downloader ( 004e08101 )
update: 20180722
version: 10.54.27832
detected: True

ALYac
update: 20180723
version: 1.1.1.5
detected: False

Avast
result: Java:Malware-gen [Trj]
update: 20180723
version: 18.4.3895.0
detected: True

Avira
result: HEUR/AGEN.1029538
update: 20180722
version: 8.3.3.6
detected: True

Baidu
result: Win32.Trojan.WisdomEyes.16070401.9500.9880
update: 20180717
version: 1.0.0.2
detected: True

Cyren
result: W32/Trojan.MHWV-9137
update: 20180722
version: 6.0.0.4
detected: True

DrWeb
update: 20180722
version: 7.0.33.6080
detected: False

GData
result: Java.Trojan.GenericGB.2976
update: 20180722
version: A:25.17855B:25.12788
detected: True

Panda
update: 20180722
version: 4.6.4.2
detected: False

VBA32
update: 20180720
version: 3.12.32.0
detected: False

VIPRE
result: Trojan.Win32.Generic!BT
update: 20180722
version: 68310
detected: True

Zoner
result: Trojan.Agent
update: 20180723
version: 1.0
detected: True

AVware
result: Trojan.Win32.Generic!BT
update: 20180723
version: 1.6.0.52
detected: True

ClamAV
update: 20180722
version: 0.100.1.0
detected: False

Comodo
result: UnclassifiedMalware
update: 20180722
version: 29393
detected: True

F-Prot
update: 20180722
version: 4.7.1.166
detected: False

Ikarus
result: Trojan-Downloader.Java.Agent
update: 20180722
version: 0.1.5.2
detected: True

McAfee
result: Generic.dvb
update: 20180722
version: 6.0.6.653
detected: True

Rising
update: 20180722
version: 25.0.0.24
detected: False

Sophos
result: Mal/Generic-S
update: 20180722
version: 4.98.0
detected: True

Yandex
result: Trojan.Agent!6bDdnPjb2V4
update: 20180720
version: 5.5.1.3
detected: True

Zillya
result: Trojan.Agentb.Win32.13964
update: 20180720
version: 2.0.0.3599
detected: True

Arcabit
result: Java.Trojan.GenericGB.DBA0
update: 20180723
version: 1.0.0.831
detected: True

Babable
update: 20180406
version: 9107201
detected: False

Cylance
update: 20180723
version: 2.3.1.101
detected: False

Endgame
result: malicious (moderate confidence)
update: 20180711
version: 3.0.0
detected: True

TACHYON
update: 20180725
version: 2018-07-25.01
detected: False

Tencent
update: 20180723
version: 1.0.0.1
detected: False

ViRobot
update: 20180722
version: 2014.3.20.0
detected: False

Webroot
result: W32.Malware.Gen
update: 20180723
version: 1.0.0.403
detected: True

eGambit
update: 20180723
detected: False

Ad-Aware
update: 20180723
version: 3.0.5.370
detected: False

AegisLab
result: Java.Troj.Genericgb!c
update: 20180722
version: 4.2
detected: True

Emsisoft
result: Java.Trojan.GenericGB.2976 (B)
update: 20180722
version: 2018.4.0.1029
detected: True

F-Secure
result: Java.Trojan.GenericGB.2976
update: 20180722
version: 11.0.19100.45
detected: True

Fortinet
update: 20180722
version: 5.4.247.0
detected: False

Invincea
update: 20180717
version: 6.3.5.26121
detected: False

Jiangmin
update: 20180722
version: 16.0.100
detected: False

Kingsoft
update: 20180723
version: 2013.8.14.323
detected: False

Paloalto
result: generic.ml
update: 20180723
version: 1.0
detected: True

Symantec
result: Trojan Horse
update: 20180722
version: 1.6.0.0
detected: True

AhnLab-V3
update: 20180722
version: 3.13.1.21452
detected: False

Antiy-AVL
update: 20180723
version: 3.0.0.1
detected: False

Kaspersky
result: Trojan-Dropper.Win32.Agent.bjvfqi
update: 20180722
version: 15.0.1.13
detected: True

Microsoft
result: Trojan:Win32/Tiggre!rfn
update: 20180721
version: 1.1.15100.1
detected: True

Qihoo-360
result: HEUR/QVM11.1.D7A1.Malware.Gen
update: 20180723
version: 1.0.0.1120
detected: True

TheHacker
result: Posible_Worm32
update: 20180722
version: 6.8.0.5.3436
detected: True

ZoneAlarm
result: Trojan-Dropper.Win32.Agent.bjvfqi
update: 20180722
version: 1.0
detected: True

Cybereason
result: malicious.1261a9
update: 20180225
version: 1.2.27
detected: True

ESET-NOD32
result: a variant of Generik.DIRSW
update: 20180722
version: 17757
detected: True

TrendMicro
result: TROJ_GEN.R011C0OFG18
update: 20180723
version: 10.0.0.1040
detected: True

BitDefender
result: Java.Trojan.GenericGB.2976
update: 20180723
version: 7.2
detected: True

CrowdStrike
update: 20180530
version: 1.0
detected: False

K7AntiVirus
result: Trojan-Downloader ( 004e08101 )
update: 20180722
version: 10.54.27832
detected: True

SentinelOne
update: 20180701
version: 1.0.17.227
detected: False

Avast-Mobile
update: 20180722
version: 180722-04
detected: False

Malwarebytes
update: 20180722
version: 2.1.1.1115
detected: False

TotalDefense
update: 20180722
version: 37.1.62.1
detected: False

CAT-QuickHeal
result: Trojan.IGENERIC
update: 20180722
version: 14.00
detected: True

NANO-Antivirus
result: Riskware.Nsis.Adware.dxgnpy
update: 20180722
version: 1.0.116.23366
detected: True

MicroWorld-eScan
result: Java.Trojan.GenericGB.2976
update: 20180722
version: 14.0.297.0
detected: True

SUPERAntiSpyware
result: Trojan.Agent/Gen-Downloader
update: 20180722
version: 5.6.0.1032
detected: True

McAfee-GW-Edition
result: Generic.dvb
update: 20180722
version: v2017.3010
detected: True

TrendMicro-HouseCall
result: TROJ_GEN.R011C0OFG18
update: 20180723
version: 9.950.0.1006
detected: True

total
68
sha256
8f521bd91b3102a13cd086fffe41aef660dbfc7c762b24e3c1afb93e45f7d11c
scan_id
8f521bd91b3102a13cd086fffe41aef660dbfc7c762b24e3c1afb93e45f7d11c-1532304855
resource
3b0532e1261a9a84a8010cb6a8a62bd9
positives
41
scan_date
2018-07-23 00:14:15
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Monitor
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\Malware
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Monitor\Malware
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\Wbem\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\Wbem\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\wbem\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe -jar
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\Wbem\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe -jar "C:\Monitor\Malware\malware.exe"
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Monitor\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\system\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\Wbem\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsPowerShell\v1.0\javaw.exe -jar "C:\Monitor\Malware\malware.exe" ""
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51E.tmp
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.43Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
12/2/2020 - 20:45:44.59Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp\System.dll
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
12/2/2020 - 20:45:44.59Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv51F.tmp
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Windows
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Monitor
12/2/2020 - 20:45:44.59Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d

Process
Trace

Analysis
Reason
Finished

Status
Successfully Executed

Results
1

Registry
Trace

File Summary
Created
Identified: True

Deleted
Identified: True

Process Summary
Created
Identified: False

Deleted
Identified: False

Registry Summary
Proxy
Identified: False

AutoRun
Identified: False

Created
Identified: False

Deleted
Identified: False

Browsers
Identified: False

Internet
Identified: False

DNS
Query

Response

TCP
Info

UDP
Info

HTTP
Info

Summary
DNS
False

TCP
False

UDP
False

HTTP
False

Results
BINARY
KNN (K=3, NFS-BRMalware)
confidence: 66.67%
suspicious: False

Decision Tree (NFS-BRMalware)
confidence: 100.00%
suspicious: True

SVC (Kernel=Linear, NFS-BRMalware)
confidence: 99.55%
suspicious: True

MalConv (Ember: Raw Bytes, Threshold=0.5)
confidence: 78.16%
suspicious: True

Random Forest (100 estimators, NFS-BRMalware)
confidence: 65.00%
suspicious: True

Non-Negative MalConv (Ember: Raw Bytes, Threshold=0.35)
confidence: 89.26%
suspicious: False

LightGBM (Ember: File Characteristics, Threshold=0.8336)
confidence: 70.64%
suspicious: False
