Malicious artifacts seen in the context of a contacted hostįound malicious artifacts related to "34.198.49.217" (ASN:, Owner: ). "" wrote 4 bytes to a remote process "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" (Handle: 672) "" wrote 52 bytes to a remote process "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" (Handle: 672) "" wrote 32 bytes to a remote process "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" (Handle: 672) ![]() "" wrote 4 bytes to a remote process "C:\Windows\System32\certutil.exe" (Handle: 736) "" wrote 52 bytes to a remote process "C:\Windows\System32\certutil.exe" (Handle: 736) "" wrote 32 bytes to a remote process "C:\Windows\System32\certutil.exe" (Handle: 736) "" wrote 4 bytes to a remote process "C:\Windows\System32\certutil.exe" (Handle: 672) "" wrote 52 bytes to a remote process "C:\Windows\System32\certutil.exe" (Handle: 672) "" wrote 32 bytes to a remote process "C:\Windows\System32\certutil.exe" (Handle: 672) "" wrote 52 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\is-2N08J.tmp\" (Handle: 168) "" wrote 32 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\is-2N08J.tmp\" (Handle: 168) "" wrote 4 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\is-2N08J.tmp\" (Handle: 168) ![]() ![]() "" wrote 1500 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\is-2N08J.tmp\" (Handle: 168)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |