Malicious artifacts seen in the context of a contacted hostįound malicious artifacts related to "87.98.163.78". "ultracopier.exe" wrote 52 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 548) "ultracopier.exe" wrote 32 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 548) "ultracopier.exe" wrote 8 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 548) "ultracopier.exe" wrote 1500 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 548) "ultracopier.exe" wrote 52 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 572) "ultracopier.exe" wrote 32 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 572) "ultracopier.exe" wrote 8 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 572) "ultracopier.exe" wrote 1500 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 572) "regsvr32.exe" wrote 52 bytes to a remote process "C:\Windows\SysWOW64\regsvr32.exe" (Handle: 224) "regsvr32.exe" wrote 32 bytes to a remote process "C:\Windows\SysWOW64\regsvr32.exe" (Handle: 224) "regsvr32.exe" wrote 4 bytes to a remote process "C:\Windows\SysWOW64\regsvr32.exe" (Handle: 224) "regsvr32.exe" wrote 8 bytes to a remote process "C:\Windows\SysWOW64\regsvr32.exe" (Handle: 224) "regsvr32.exe" wrote 1500 bytes to a remote process "C:\Windows\SysWOW64\regsvr32.exe" (Handle: 224) "" wrote 8 bytes to a remote process "C:\Program Files\Ultracopier\ultracopier.exe" (Handle: 636) "" wrote 4 bytes to a remote process "C:\Program Files\Ultracopier\ultracopier.exe" (Handle: 636) "" wrote 52 bytes to a remote process "C:\Program Files\Ultracopier\ultracopier.exe" (Handle: 636) "" wrote 32 bytes to a remote process "%PROGRAMFILES%\Ultracopier\ultracopier.exe" (Handle: 636) "" wrote 52 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 28) "" wrote 32 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 28) "" wrote 8 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 28) "" wrote 4 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 28) "" wrote 1500 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 28) "" wrote 52 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 636) "" wrote 32 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 636) "" wrote 8 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 636) "" wrote 4 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 636) "" wrote 1500 bytes to a remote process "C:\Windows\System32\regsvr32.exe" (Handle: 636)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |