All indicators are available only in the private webservice or standalone version.Multiple malicious artifacts seen in the context of different hosts Malicious artifacts seen in the context of a contacted hostįound malicious artifacts related to "163.172.80.114" (ASN:, Owner: ). "importantupdates.exe" wrote 4 bytes to a remote process "%APPDATA%\importantupdates\data.exe" (Handle: 140) "importantupdates.exe" wrote 52 bytes to a remote process "%APPDATA%\importantupdates\data.exe" (Handle: 140) "importantupdates.exe" wrote 32 bytes to a remote process "%APPDATA%\importantupdates\data.exe" (Handle: 140) "" wrote 52 bytes to a remote process "%APPDATA%\importantupdates\importantupdates.exe" (Handle: 148) "" wrote 32 bytes to a remote process "%APPDATA%\importantupdates\importantupdates.exe" (Handle: 148) "" wrote 4 bytes to a remote process "%APPDATA%\importantupdates\importantupdates.exe" (Handle: 148) "" wrote 1500 bytes to a remote process "%APPDATA%\importantupdates\importantupdates.exe" (Handle: 148) "" wrote 4 bytes to a remote process "%APPDATA%\importantupdates\data.exe" (Handle: 144) "" wrote 52 bytes to a remote process "%APPDATA%\importantupdates\data.exe" (Handle: 144) "" wrote 32 bytes to a remote process "%APPDATA%\importantupdates\data.exe" (Handle: 144)
0 Comments
Leave a Reply. |