Automated Malware Analysis IOC Report for

Files

File Path

Type

Category

Malicious

Verus.exe

PE32 executable (GUI) Intel 80386, for MS Windows

initial sample

Details

Filetype:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.894087108591329
Filename:	Verus.exe
Filesize:	2394152
MD5:	9639830d1a300d2e4c409c5809374039
SHA1:	69a8860b3e95de30f7abb485d11908c4deceff68
SHA256:	6d7a6e7c674e93b337ed751614e214ab6430a4c4ae5a9811c3ed3fdac5e0ae59
SHA512:	8d5a1aa9e840fdb105131f5b28883f565ec2361c2a3cad3439f4221daf886ad1770baabb4027383c5e48e532e8e6222eef789b08dc2dd2a3f4dfce63c0545efa
SSDEEP:	24576:c9oYv0s5EOybPGe+LAm0q9eKYSec3skTdG6kFjN/FGitIFcGbQD4vWpy0JeWJ06G:Kvvv9e0eyskTdh2N/FGiuFcZi0g0DU5T
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........}.....Y...Y...Y.N:Y...Y.N+Y...Y...Y...Y.N,Y<..Y.d%Y...Y...Y...Y...Y...Y...Y...Y.d+Y...Y.N;Y...Y.d>Y...YRich...Y........PE..L..

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Multi AV Scanner detection for submitted file	AV Detection
LummaC encrypted strings found	HIPS / PFW / Operating System Protection Evasion	PowerShell
Checks if the current process is being debugged	Anti Debugging
Contains functionality for read data from the clipboard	Key, Mouse, Clipboard, Microphone and Screen Capturing
Contains functionality to call native functions	System Summary
Contains functionality to check if a debugger is running (IsDebuggerPresent)	Anti Debugging
Contains functionality to check if a window is minimized (may be used to check if an application is visible)	Hooking and other Techniques for Hiding and Protection	Application Window Discovery
Contains functionality to communicate with device drivers	System Summary
Contains functionality to dynamically determine API calls	Data Obfuscation, Anti Debugging	Native API
Contains functionality to read the PEB	Anti Debugging
Contains functionality to read the clipboard data	Key, Mouse, Clipboard, Microphone and Screen Capturing	Clipboard Data
Contains functionality which may be used to detect a debugger (GetProcessHeap)	Anti Debugging	Security Software Discovery
Detected potential crypto function	System Summary	System Time Discovery Process Discovery Archive Collected Data
Extensive use of GetProcAddress (often used to hide API calls)	Hooking and other Techniques for Hiding and Protection
Found inlined nop instructions (likely shell or obfuscated code)	Software Vulnerabilities
Found large amount of non-executed APIs	Malware Analysis System Evasion	System Time Discovery
Found potential string decryption / allocating functions	System Summary	Deobfuscate/Decode Files or Information
May sleep (evasive loops) to hinder dynamic analysis	Malware Analysis System Evasion	Virtualization/Sandbox Evasion File and Directory Discovery
Monitors certain registry keys / values for changes (often done to protect autostart functionality)	Hooking and other Techniques for Hiding and Protection	Query Registry
One or more processes crash	System Summary
PE / OLE file has an invalid certificate	System Summary	File and Directory Discovery
PE file contains an invalid checksum	Data Obfuscation
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)	Malware Analysis System Evasion	Windows Management Instrumentation
Queries the volume information (name, serial number etc) of a device	Language, Device and Operating System Detection	Native API
Sample file is different than original file name gathered from version info	System Summary
Uses 32bit PE files	Compliance, System Summary
Uses code obfuscation techniques (call, push, ret)	Data Obfuscation	Obfuscated Files or Information
Contains functionality to check free disk space	System Summary	System Information Discovery
Contains functionality to enum processes or threads	System Summary	Process Discovery
Contains functionality to enumerate / list files inside a directory	Spreading, Malware Analysis System Evasion	File and Directory Discovery
Contains functionality to instantiate COM classes	System Summary
Contains functionality to load and extract PE file embedded resources	System Summary
Contains functionality to query local / system time	Language, Device and Operating System Detection
Contains functionality to query time zone information	Language, Device and Operating System Detection	System Time Discovery
Contains functionality to query windows version	Language, Device and Operating System Detection	System Information Discovery
Contains functionality to register its own exception handler	Anti Debugging
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
PE file has an executable .text section and no other executable section	System Summary
Queries a list of all running processes	Malware Analysis System Evasion
Queries the cryptographic machine GUID	Language, Device and Operating System Detection
Reads software policies	System Summary
Sample is known by Antivirus	System Summary
Sample might require command line arguments	System Summary	Command and Scripting Interpreter Security Software Discovery
Sample reads its own file content	System Summary
Tries to load missing DLLs	System Summary	DLL Side-Loading
URLs found in memory or binary data	Networking
PE file has a big raw section	System Summary
Submission file is bigger than most known malware samples	System Summary

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Verus.exe_60c2564910af18faa22197385ca3547fdd3431b_6e980beb_4fc4714e-6a46-4c80-b28f-3fd7bfcdd490\Report.wer

Unicode text, UTF-16, little-endian text, with CRLF line terminators

dropped

Details

File:	C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Verus.exe_60c2564910af18faa22197385ca3547fdd3431b_6e980beb_4fc4714e-6a46-4c80-b28f-3fd7bfcdd490\Report.wer
Category:	dropped
Dump:	Report.wer.6.dr
ID:	dr_0
Target ID:	6
Process:	C:\Windows\SysWOW64\WerFault.exe
Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Entropy:	1.0748308489921798
Encrypted:	false
Ssdeep:	192:P22x680ao80BU/wjJqhD0OzuiFhZ24IO8z:vot3BU/wj9OzuiFhY4IO8z
Size:	65536
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
LummaC encrypted strings found	HIPS / PFW / Operating System Protection Evasion	PowerShell Deobfuscate/Decode Files or Information
PE / OLE file has an invalid certificate	System Summary
PE file contains an invalid checksum	Data Obfuscation
Sample file is different than original file name gathered from version info	System Summary
Uses 32bit PE files	Compliance, System Summary
PE file has an executable .text section and no other executable section	System Summary
Sample is known by Antivirus	System Summary
Sample might require command line arguments	System Summary	Command and Scripting Interpreter
URLs found in memory or binary data	Networking
PE file has a big raw section	System Summary
Submission file is bigger than most known malware samples	System Summary

C:\ProgramData\Microsoft\Windows\WER\Temp\WER10AC.tmp.dmp

Mini DuMP crash report, 15 streams, Mon Oct 14 07:41:29 2024, 0x1205a4 type

dropped

Details

File:	C:\ProgramData\Microsoft\Windows\WER\Temp\WER10AC.tmp.dmp
Category:	dropped
Dump:	WER10AC.tmp.dmp.6.dr
ID:	dr_2
Target ID:	6
Process:	C:\Windows\SysWOW64\WerFault.exe
Type:	Mini DuMP crash report, 15 streams, Mon Oct 14 07:41:29 2024, 0x1205a4 type
Entropy:	2.0336667433889906
Encrypted:	false
Ssdeep:	384:COjCSh9RaBWNq1fZIu8NW7gkJQtcWbG05HWFaV8XnfkMWHA5Hdgpow:fdrRaBWNqdcg7fAXgHX1Opr
Size:	131090
Whitelisted:	false
Reputation:	low

C:\ProgramData\Microsoft\Windows\WER\Temp\WER11A7.tmp.WERInternalMetadata.xml

XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators

dropped

Details

File:	C:\ProgramData\Microsoft\Windows\WER\Temp\WER11A7.tmp.WERInternalMetadata.xml
Category:	dropped
Dump:	WER11A7.tmp.WERInternalMetadata.xml.6.dr
ID:	dr_3
Target ID:	6
Process:	C:\Windows\SysWOW64\WerFault.exe
Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Entropy:	3.7007530219952662
Encrypted:	false
Ssdeep:	192:R6l7wVeJaO6jL6Y9nSUCUgmfUIprG89bjjsfRBm:R6lXJL6P6YNSUCUgmfUqjIfm
Size:	8350
Whitelisted:	false
Reputation:	low

C:\ProgramData\Microsoft\Windows\WER\Temp\WER11E6.tmp.xml

XML 1.0 document, ASCII text, with CRLF line terminators

dropped

Details

File:	C:\ProgramData\Microsoft\Windows\WER\Temp\WER11E6.tmp.xml
Category:	dropped
Dump:	WER11E6.tmp.xml.6.dr
ID:	dr_4
Target ID:	6
Process:	C:\Windows\SysWOW64\WerFault.exe
Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Entropy:	4.481809090343319
Encrypted:	false
Ssdeep:	48:cvIwWl8zsBJg77aI9C/vWpW8VY1Ym8M4JUqFp+q8GDEWvUfhfDwMRd:uIjfTI7K+7VJJ/mWvUfhfLRd
Size:	4664
Whitelisted:	false
Reputation:	low

C:\Windows\appcompat\Programs\Amcache.hve

MS Windows registry file, NT/2000 or above

dropped

Details

File:	C:\Windows\appcompat\Programs\Amcache.hve
Category:	dropped
Dump:	Amcache.hve.6.dr
ID:	dr_1
Target ID:	6
Process:	C:\Windows\SysWOW64\WerFault.exe
Type:	MS Windows registry file, NT/2000 or above
Entropy:	4.465539495637126
Encrypted:	false
Ssdeep:	6144:ZIXfpi67eLPU9skLmb0b4FWSPKaJG8nAgejZMMhA2gX4WABl0uNTdwBCswSbd:qXD94FWlLZMM6YFHh+d
Size:	1835008
Whitelisted:	false
Reputation:	low

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\Verus.exe

"C:\Users\user\Desktop\Verus.exe"

Details

Is windows:	false
Is dropped:	false
PID:	7416
Target ID:	0
Parent PID:	2580
Name:	Verus.exe
Path:	C:\Users\user\Desktop\Verus.exe
Commandline:	"C:\Users\user\Desktop\Verus.exe"
Size:	2394152
MD5:	9639830D1A300D2E4C409C5809374039
Time:	03:41:02
Date:	14/10/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x400000
Modulesize:	2699264
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
LummaC encrypted strings found	HIPS / PFW / Operating System Protection Evasion	PowerShell Deobfuscate/Decode Files or Information
PE / OLE file has an invalid certificate	System Summary
PE file contains an invalid checksum	Data Obfuscation
Sample file is different than original file name gathered from version info	System Summary
Uses 32bit PE files	Compliance, System Summary
PE file has an executable .text section and no other executable section	System Summary
Sample is known by Antivirus	System Summary
Sample might require command line arguments	System Summary	Command and Scripting Interpreter
Sample reads its own file content	System Summary
Spawns processes	System Summary	Process Injection
URLs found in memory or binary data	Networking
PE file has a big raw section	System Summary
Submission file is bigger than most known malware samples	System Summary

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 7416 -s 1812

Details

Is windows:	true
Is dropped:	false
PID:	7896
Target ID:	6
Parent PID:	7416
Name:	WerFault.exe
Path:	C:\Windows\SysWOW64\WerFault.exe
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 7416 -s 1812
Size:	483680
MD5:	C31336C1EFC2CCB44B4326EA793040F2
Time:	03:41:29
Date:	14/10/2024
Reason:	newprocess
Reputation:	high
Is admin:	true
Is elevated:	true
Modulebase:	0x520000
Modulesize:	499712
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
One or more processes crash	System Summary
Spawns processes	System Summary	Process Injection

URLs

Name

Malicious

enlargkiw.sbs

allocatinow.sbs

drawwyobstacw.sbs

mathcucom.sbs

https://enginenek.buzz/api

188.114.97.3

https://steamcommunity.com/profiles/76561199724331900

104.102.49.254

https://vennurviot.sbs/api

172.67.140.193

https://steamcommunity.com/profiles/76561199724331900/inventory/

unknown

ehticsprocw.sbs

condifendteu.sbs

https://drawwyobstacw.sbs/api

188.114.97.3

enginenek.buzz

https://resinedyw.sbs/api

172.67.205.156

https://mathcucom.sbs/api

188.114.96.3

resinedyw.sbs

vennurviot.sbs

https://www.cloudflare.com/learning/access-management/phishing-attack/

unknown

https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&amp

unknown

https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f

unknown

https://steamcommunity.com/?subsection=broadcasts

unknown

https://sergei-esenin.com/

unknown

https://store.steampowered.com/subscriber_agreement/

unknown

https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6

unknown

http://www.valvesoftware.com/legal.htm

unknown

https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG&amp

unknown

https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png

unknown

https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png

unknown

https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&

unknown

https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback

unknown

https://allocatinow.sbs/s

unknown

https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL

unknown

https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=hgPi

unknown

https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4Ok

unknown

https://community.akamai.steamsta

unknown

https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english

unknown

http://www.entrust.net/rpa03

unknown

http://store.steampowered.com/privacy_agreement/

unknown

https://community.akam

unknown

https://store.steampowered.com/points/shop/

unknown

https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg

unknown

https://store.steampowered.com/privacy_agreement/

unknown

https://www.cloudflare.com/5xx-error-landing

unknown

https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en

unknown

https://community.akamai.steamstatic.com/public/css/skin_1/profilev

unknown

https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0

unknown

http://crl.micK)

unknown

https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=2Ih2WOq7ErXY&a

unknown

https://mathcucom.sbs/

unknown

https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am

unknown

https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english

unknown

https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english

unknown

https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png

unknown

https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis

unknown

http://crl.entrust.net/2048ca.crl0

unknown

https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC

unknown

https://store.steampowered.com/;

unknown

https://www.entrust.net/rpa0

unknown

https://store.steampowered.com/about/

unknown

https://steamcommunity.com/my/wishlist/

unknown

https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english

unknown

http://ocsp.entrust.net03

unknown

http://ocsp.entrust.net02

unknown

https://help.steampowered.com/en/

unknown

https://steamcommunity.com/market/

unknown

https://store.steampowered.com/news/

unknown

http://store.steampowered.com/subscriber_agreement/

unknown

https://allocatinow.sbs/api

unknown

https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org

unknown

https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1

unknown

https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en

unknown

http://www.FeyTools.com

unknown

https://steamcommunity.com/discussions/

unknown

https://store.steampowered.com/stats/

unknown

https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1

unknown

https://store.steampowered.com/steam_refunds/

unknown

https://resinedyw.sbs/

unknown

https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900

unknown

https://vennurviot.sbs/apis

unknown

https://ehticsprocw.sbs/.

unknown

https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=jGtzAgjYROne&l=e

unknown

https://sergei-esenin.com:443/apita

unknown

http://crl.entrust.net/ts1ca.crl0

unknown

https://steamcommunity.com/workshop/

unknown

https://store.steampowered.com/legal/

unknown

https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e

unknown

https://allocatinow.sbs/a

unknown

https://community.akamai.steamstatic.com/public/shared/css/shared_resp

unknown

https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv

unknown

https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl

unknown

https://sergei-esenin.com/api/Tew

unknown

https://drawwyobstacw.sbs/api7j

unknown

http://aia.entrust.net/ts1-chain256.cer01

unknown

http://upx.sf.net

unknown

https://community.akamai.steamstatic.coD

unknown

https://drawwyobstacw.sbs/api/

unknown

https://store.steampowered.com/

unknown

https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw

unknown

https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3v/

unknown

https://community.akamai.steamstatic.com/public/images/skin_1/arrowDn9x5.gif

unknown

https://vennurviot.sbs/q

unknown

There are 90 hidden URLs, click here to show them.

Domains

Name

Malicious

condifendteu.sbs

172.67.141.136

steamcommunity.com

104.102.49.254

vennurviot.sbs

172.67.140.193

drawwyobstacw.sbs

188.114.97.3

mathcucom.sbs

188.114.96.3

enginenek.buzz

188.114.97.3

sergei-esenin.com

104.21.53.8

ehticsprocw.sbs

172.67.173.224

resinedyw.sbs

172.67.205.156

enlargkiw.sbs

172.67.152.13

allocatinow.sbs

unknown

There are 1 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

104.21.53.8

sergei-esenin.com

United States

Details

IP:	104.21.53.8
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	sergei-esenin.com

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

188.114.97.3

drawwyobstacw.sbs

European Union

Details

IP:	188.114.97.3
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	European Union
Countrycode:	EU
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	drawwyobstacw.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

172.67.173.224

ehticsprocw.sbs

United States

Details

IP:	172.67.173.224
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	ehticsprocw.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

188.114.96.3

mathcucom.sbs

European Union

Details

IP:	188.114.96.3
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	European Union
Countrycode:	EU
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	mathcucom.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

172.67.152.13

enlargkiw.sbs

United States

Details

IP:	172.67.152.13
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	enlargkiw.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

172.67.141.136

condifendteu.sbs

United States

Details

IP:	172.67.141.136
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	condifendteu.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

104.102.49.254

steamcommunity.com

United States

Details

IP:	104.102.49.254
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	16625
ASN name:	AKAMAI-ASUS
Private:	false
Domain:	steamcommunity.com

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

172.67.205.156

resinedyw.sbs

United States

Details

IP:	172.67.205.156
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	resinedyw.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking

172.67.140.193

vennurviot.sbs

United States

Details

IP:	172.67.140.193
TargetID:	0
Current Path:	C:\Users\user\Desktop\Verus.exe
Country:	United States
Countrycode:	USA
ASN number:	13335
ASN name:	CLOUDFLARENETUS
Private:	false
Domain:	vennurviot.sbs

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Uses secure TLS version for HTTPS connections	Compliance, Networking