Automated Malware Analysis IOC Report for

Details

Name:	http://www.screenblaze.com/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
Antivirus detection for URL or domain	AV Detection
URLs found in memory or binary data	Networking

Details

Name:	http://www.dansvloerverhuur.nl/beheerpagina/avilllams.jpg
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
Antivirus detection for URL or domain	AV Detection
URLs found in memory or binary data	Networking

Details

Name:	http://kurdojan.tr.gg/http://kurdojan.tr.gg/sendusingsendpasswordmail
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://mabira.net/traff/controller.php?&ver=10&uid=windows
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	https://f.lewd.se/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://members.xoom.com/m53group
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.xtzspxw.com/admin506/tt.htmwidth=0height=0
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://install2.mdvirus.com/db/%s
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.woai117.cn/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://beautybrief.com/c/gate.phpmozilla/4.0
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.9aaa.comCompanyNameMicrosoft
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	https://bradesconetempresa.com.br
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.en100wan.com/google.htmwidth=0height=0
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	https://bit.ly/2srxmuq)
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://ip.158166.com/zcb2009/ie7-0day.htmwidth=0height=0
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.notijuegoss.com
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	https://www.bbva.com
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.cuteqq.cn/?from=.shellexecute(wwwcuteqqcn
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://.exe%s?v=%d&id=%x-%ssystem
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://up.medbod.com/%s
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.cuteqq.cn/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://bbva.com
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.coolmelife.com/downloaddrivers
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.yn-zysc.com/shangHu/PSY.exe
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.exejoiner.com
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.dubfamily.com/visitors/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.krvkr.com/worm.htmwidth=0height=0
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://gpt0.ru/web/rtcomh
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://mabira.net/traff/controller.php?&ver=8&uid=windows
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://xxx.ads555.com/html/ppfilm9.htmsc.exe
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://%s/go.php?gcode=%sact.auto-codec.comshoprinnai.comktcashmall.comemart.co.krhowmail.netbaidu.c
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http:///xxmm2.exefuck
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.fagulhasmagicas.kit.net/floresta.jpgc:
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://survey.news.sina.com.cn/polling.php
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to development resources	System Summary
URLs found in memory or binary data	Networking

Details

Name:	http://bsalsa.com/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.caixa.gov.br
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.goog/click_second_new3.phpescape(window.location.href)
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://124.217.252.62/~admin/count.php?o=
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.nextel.com.mx/C:
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://s31.cnzz.com/stat.php?id=svchost.exe
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://adurl.nethttp://mywebresults.info/client124.htmlhttp://ps.mynaagencies.com/?db=8
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://vbnet.mvps.org/resources/tools/getpublicip.shtmlc:
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://192.168.11.40/c/t.phpFileExecutionModel::ExecuteFileFromBase64DataInject
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://booltz.comattempmessagesuploadusedloginhttpwebresponse
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://zief.pl/rc/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.fgetchr.cn:81/g/tj/1/1.asp?mac=
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://you0idiot.web.fc2.com/crashme.html
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.google.comhotmaillogs/pass
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://sigmalab.lv/other/crypt/SOFTWARE
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.okchistory.com/images/smilies/en-GB1.phpBradesco
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.bb.com.br/portalbbhttp://www.bradesco.com.brhttp://www.unibanco.com.brhttp://www.itau.com
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.highvalue.pt/wp-content/uploads/2015/01/?email=t.schorer
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://209.11.244.51/p.php?n=m
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://barsearch.co.kr/pro/cnt.php?mac=software
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://116.37.147.205/hit.php
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.masm32.net/123.exe
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://tibia-inject.com/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://%s/up/update.htmhttp://%s/page/ap.aspsoftware
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	https://www.google.com/accounts/captcha?/rd/mydd.php?hui=%s&hui2=%s&hui3=%s&file=elite03/res.php?key
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://gaagle2.com/207.226.178.158206.161.205.142admin
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://about-blank.namehkey_local_machine
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://kurdojan.tr.gg/h
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.seduw.com:
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	https://bit.ly/2snjwv1)
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://79.125.7.221/
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://barsearch.co.kr/pro/cnt.php?mac=
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.0x4f.cn/blogMZKERNEL32.DLLForm1VB5
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://sparkasse.de.datenbank.
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://69.50.170.100/mails/in
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://mabira.net/traff/controller.php?&ver=windows
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://%6d%61%63%72%2e%6d%69%63%72%6f%66%73%6f%74%2e%63%6f%6d/noindex.js
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://woyaoshe.com/iptest/t/xcly.asposturl
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
URLs found in memory or binary data	Networking

Details

Name:	http://www.orkut.com.br/home.aspxwww.google.com/accounts/servicelogin?service=orkutinternet
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	http://www.design-unleashed.com/administrator/images/backupo.txtC:
TargetID:	-1
From Memory:	true
Source:	0l7FCRHpVv.sys

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
0l7FCRHpVv

URLs

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report0l7FCRHpVv

URLs

IOC Report
0l7FCRHpVv