Jump to content

Is this false positive? Trojan Cobalt


Recommended Posts

files.zipMalwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/22/22
Scan Time: 6:00 PM
Log File: 9e3e650a-d9f0-11ec-acba-00ffe2653bd9.json

-Software Information-
Version: 4.5.9.198
Components Version: 1.0.1676
Update Package Version: 1.0.55256
License: Premium

-System Information-
OS: Windows 10 (Build 19044.1645)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 439269
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 10 min, 50 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 1
Trojan.CobaltStrike, C:\PROGRAM FILES (X86)\IPVANISH VPN\WIREGUARD\AMD64\TUNNEL.DLL, Quarantined, 526, 1056847, , , , , 0C5D8A991935663FBA0DA52B43ED8088, E9C9BE6C7ACABCBDE4B852074748BD89A83B635AE968F7E727F98048C5E0998C

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Trojan.CobaltStrike, C:\PROGRAM FILES (X86)\IPVANISH VPN\WIREGUARD\AMD64\TUNNEL.DLL, Quarantined, 526, 1056847, 1.0.55256, , ame, , 0C5D8A991935663FBA0DA52B43ED8088, E9C9BE6C7ACABCBDE4B852074748BD89A83B635AE968F7E727F98048C5E0998C
Trojan.CobaltStrike, C:\PROGRAMDATA\PACKAGE CACHE\{C1B7D123-F99A-4F30-86EE-277B3CD2350E}V4.0.8.124\IPVANISH-MAIN.MSI, Quarantined, 526, 1056847, 1.0.55256, , ame, , 5CBB276C2C25762F4A3ACA30A5BCE88C, A5A710E075A64E6FA79C2FF6BA9A851935042ABC752BBF3C30CC46B20B71FBE2
Trojan.CobaltStrike, C:\WINDOWS\INSTALLER\196136A2.MSI, Quarantined, 526, 1056847, 1.0.55256, , ame, , 5CBB276C2C25762F4A3ACA30A5BCE88C, A5A710E075A64E6FA79C2FF6BA9A851935042ABC752BBF3C30CC46B20B71FBE2

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.