![]() The malware possibly checks the current affected hosts IP by looking at and/or.Some instances of this malware has information theft capabilities, it may upload Hawkeye_Keylogger_Stealer_Records_.txt from affected hosts, to any of the following ftp:.The malware attempts to connect to the following sites:.undefinedTempundefined\.bat : This file is detected as BAT/Small.NAN!tr.undefinedAppDataundefined\pidloc.txt : This text file contains the exact path for RegAsm.exe.undefinedAppDataundefined\pid.txt : This text file contains the Process ID for the malware executed.This malware drops the following file(s):.Since this is a generic detection, malware that are detected as MSIL/Injector.SSI!tr may have varying behaviour.īelow are examples of some of these behaviours: MSIL/Injector.SSI!tr is a generic detection for a trojan.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |