Quote: (03-17-2022, 09:01 AM) mothered Wrote:
Moved from Hacking Tools to Cracking Tools.
Be sure to provide a VT report at your earliest convenience.
On this file: bitcoin miner in there.
VirusTotal report: virustotal.com/gui/file/5b3fef97cbf419df1dacfca74272598b46a57d0e919aa48491623f7e1a64aa42/detection

DNS Resolutions
- erdasaa.000webhostapp.com
- xmr.2miners.com

IP Traffic
- 145.14.144.31:443 (TCP)
- 51.89.96.41:12222 (TCP)

File System Actions (Files Dropped)
- %APPDATA%\Chrome\updater.exe
- %APPDATA%\Windows\Telemetry\sihost64.exe
Detections: 42/66 (42 security vendors and 3 sandboxes flagged this file as malicious)
SHA-256: 5b3fef97cbf419df1dacfca74272598b46a57d0e919aa48491623f7e1a64aa42
File name: Supari Valo Checker.exe
Size: 14.75 MB
Date: 2022-03-14 20:09:56 UTC (4 months ago)
Tags: checks-network-adapters, detect-debug-environment, direct-cpu-clock-access, peexe, runtime-modules
Security Vendors' Analysis
- Ad-Aware: Gen:Variant.FakeAlert.2
- Alibaba: RiskWare.BitCoinMiner
- AhnLab-V3: Trojan/Win.Generic.R442712
- MAX: TrojanDropper:Win32/Donut.2ca26879
- ALYac: Gen:Variant.FakeAlert.2
- Avast: Win32:Trojan-gen
- AVG: Win32:Trojan-gen
- Avira (no cloud): HEUR/AGEN.1205338
- BitDefender: Gen:Variant.FakeAlert.2
- BitDefenderTheta: Gen:NN.ZexaF.34264.@t0@aO4VV2ji
- CrowdStrike Falcon: Win/malicious_confidence_100% (W)
- Cylance: Unsafe
- Cynet: Malicious (score: 100)
- Cyren: W32/FakeAlert.AEC.gen!Eldorado
- DrWeb: Trojan.Inject4.28211
- Elastic: Malicious (high Confidence)
- Emsisoft: Trojan-Dropper.Agent (A)
- eScan: Gen:Variant.FakeAlert.2
- ESET-NOD32: A Variant Of Win32/TrojanDropper.Agent.SOV
- Fortinet: W32/Tiny.NFR!tr
- GData: Win32.Trojan.PSE.105JQKV
- K7AntiVirus: Trojan ( 005883fd1 )
- K7GW: Trojan ( 005883fd1 )
- Kaspersky: Trojan.Win64.Donut.lhf
- Lionic: Trojan.Win32.FakeAlert.4!c
- Malwarebytes: Malware (ai Score=87)
- MaxSecure: Trojan.Malware.300983.susgen
- McAfee: Artemis!6B28814C072E
- McAfee-GW-Edition: BehavesLike.Win32.Trojan.vc
- Microsoft: Trojan:Win32/Tnega.RR!MTB
- Palo Alto Networks: Generic.ml
- Panda: Trj/CI.A
- Rising: Backdoor.DCRat!8.129D9 (CLOUD)
- Sangfor Engine Zero: Trojan.Win32.Tnega.RR
- SecureAge APEX: Malicious
- Sophos: Mal/Generic-S
- Trapmine: Suspicious.low.ml.score
- Trellix (FireEye): Generic.mg.6b28814c072eea3c
- TrendMicro: TROJ_GEN.R002C0DCB22
- TrendMicro-HouseCall: TROJ_GEN.R002C0DCB22
- VBA32: BScope.Trojan.Nitol
- Yandex: Trojan.DR.Agent!Zua3BzTBZ9c