String found in binary or memory: anna.liber o.it/favic on.ico String found in binary or memory: anna.liber o.it/ String found in binary or memory: adna.elmun do.es/favi con.ico String found in binary or memory: adna.elmun do.es/ String found in binary or memory: zon.fr/ ![]() ru/ equals u (Rambler )ĭNS traffic detected: queries fo r: platfor m.edrawsof t.com String found in binary or memory: w.rambler. com/ equals w ww.faceboo k.com (Fac ebook) String found in binary or memory: w.facebook. ![]() HTTP traffic detected: GET /rest/ v2/downloa der/runtim e/?client_ sign=&produc t_id=5403 HTTP/1.1Ac cept: */*R eferer: ht tp://platf orm.edraws oft.com/re st/v2/down loader/run timeUser-A gent: Mozi lla/4.0 (c ompatible MSIE 8.0 Windows N T 6.1 Tri dent/4.0)H ost: platf orm.edraws oft.comCon nection: C loseData R aw: 00 Dat a Ascii:įound strings which match to known social media urls Uses a known web browser user agent for HTTP communication IP address seen in connection with other malware
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |