Affected Countries

| # | Country |
|---|---------|
| 6 | USA |
| 3 | RUS |
| 2 | DEU |
| 2 | CZE |
| 2 | NLD |

Behavior Indicators

| Description | ID |
|-------------|----|
| Modifies auto-execute functionality by setting/creating a value in the registry | registry-0 |
| Reads the active computer name | registry-35 |
| Has the ability to identify network operator related data | static-56 |
| Accesses Software Policy Settings | registry-18 |
| Sample was identified as malicious by a large number of Antivirus engines | avtest-3 |

Network Indicators

| Host | Port | Category | Description | ETPro ID |
|------|------|----------|-------------|----------|
| 82.195.232.82 | 50447 | Potentially Bad Traffic | Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download | 2016538 |
| 104.27.155.17 | 80 | A Network Trojan was detected | Single char EXE direct download likely trojan (multiple families) | 2018581 |
| 104.27.155.17 | 80 | A Network Trojan was detected | Possible Malicious Macro DL EXE Feb 2016 | 2022550 |
| 104.27.155.17 | 56513 | Potential Corporate Privacy Violation | PE EXE or DLL Windows file download HTTP | 2018959 |
| 195.78.33.200 | 80 | Potentially Bad Traffic | GENERIC SUSPICIOUS POST to Dotted Quad with Fake Browser 1 | 2018358 |