Source: C:\Users\user\Desktop\http_s-rco.duckdns.org_11d_solex.exe

Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST

Sample file is different than original file name gathered from version info

Static PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED

Internet Provider seen in connection with other malware

DNS traffic detected: queries for: s-bins.duckdns.org

Cache-Control: no-cache

Detected TCP or UDP traffic on non-standard ports

HTTP traffic detected: GET /Remcos_S_ttbtMhtE31.bin HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 6.1 WOW64 Trident/7.0 rv:11.0) like Gecko Host: s-bins.

Uses a known web browser user agent for HTTP communication

Source: Malware configuration extractor

C2 URLs / IPs found in malware configuration