Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
AV Detection: |
---|
Multi AV Scanner detection for domain / URL |
Source: |
Virustotal: |
Perma Link |
Multi AV Scanner detection for submitted file |
Source: |
Virustotal: |
Perma Link |
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior |
Software Vulnerabilities: |
---|
Potential browser exploit detected (process start blacklist hit) |
Source: |
Process created: |
Jump to behavior |
Source: |
HTTP traffic detected: |
Source: |
DNS traffic detected: |
Source: |
String found in binary or memory: |
Source: |
Classification label: |
Source: |
File created: |
Jump to behavior |
Source: |
File created: |
Jump to behavior |
Source: |
File read: |
Jump to behavior |
Source: |
Key opened: |
Jump to behavior |
Source: |
Process created: |
|||
Source: |
Process created: |
|||
Source: |
Process created: |
|||
Source: |
Process created: |
Jump to behavior | ||
Source: |
Process created: |
Jump to behavior |
Source: |
Key value queried: |
Jump to behavior |
Source: |
File opened: |
Jump to behavior |
Source: |
Binary string: |
||
Source: |
Binary string: |
Source: |
Process information set: |
Jump to behavior | ||
Source: |
Process information set: |
Jump to behavior |
Malware Analysis System Evasion: |
---|
Found WSH timer for Javascript or VBS script (likely evasive script) |
Source: |
Window found: |
Jump to behavior |
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior |
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
Source: |
Key value queried: |
Jump to behavior |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
139.45.196.83 | unknown | Netherlands | 9002 | RETN-ASEU | true |
Name | IP | Active |
---|---|---|
cobalten.com | 139.45.196.83 | true |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
|
unknown | |
true |
|
low |