HTTP traffic contains suspicious features which may be indicative of malware related traffic
| network_anomaly | HTTP traffic contains a GET request with no user-agent header |
| network_anomaly | http://www.aieov.com/setup.exe |
| network_anomaly | http://www.aieov.com/logo.gif |
| network_anomaly | http://www.aieov.com/so.gif |
Performs some HTTP requests
| network_url | http://www.aieov.com/setup.exe |
| network_url | http://www.aieov.com/logo.gif |
| network_url | http://www.aieov.com/so.gif |
A process attempted to delay the analysis task.
| api_process_name | 607a45a0d2ba7e53249570ec9b1acada710aafd9.exe tried to sleep 265 seconds, actually delayed analysis time by 0 seconds |
Tries to unhook or modify Windows functions monitored by Cuckoo
| function_modify | function_name: connect, type: modification |
Creates RWX memory
| injection_rwx_memory | 0x00000040, NtAllocateVirtualMemory or VirtualProtectEx |