Showing posts from January, 2019

Malware Report: iauzzy.exe

Summary: This malware creates a file named ‘qqt.exe’ under %WinDir%. This is the actual malicious executable. qqt.exe can communicate with the command-and-control (C2) server via IRC. The controller behind it can execute any code, reboot the infected machine, clean up the malware itself, etc.

Malware Report: withme.exe

Summary: withme.exe drops an executable file, ‘A-1980682553.exe’, into %AppData%. It also adds itself to the RunOnce registry key. This is the actual malware. It can communicate with its C2 server, whose domain is ‘sexwithme.info’, via port 6667.