

Potential document exploit detected (unknown TCP traffic)
Downloads files with wrong headers with respect to MIME Content-Type
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (performs DNS queries)
Section loaded: \KnownDlls\api-ms-win-downlevel-shlwapi-l2-1-0.dll origin: URLDownloadToFileA
Document exploit detected (process start blacklist hit)

Source: C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
Document exploit detected (drops PE files)
Document exploit detected (UrlDownloadToFile)
Source: 8.3.ihrynsc.exe.230000.0.unpack
Document exploit detected (creates forbidden files)
Machine Learning detection for dropped file
Antivirus or Machine Learning detection for unpacked file


Multi AV Scanner detection for submitted file
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for domain / URL
Source: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\555555555.png
Source: C:\Users\user\AppData\Roaming\Microsoft\Vkhcejsfn\ihrynsc.exe
