Sign in
Follow

ETPRO MALWARE Trojan.Llac.Win32 PUP Activity

 

 IP AddressPortHostname
Source (local) 58121  
Destination 8.18.45.85 (United States) http (80)  

 

Description:

 

False Positive:

  • MAYBE
  • The IP belongs to a CDN and is effectively shared across many service providers.
  • The domain being accessed is www.kqzyfj.com.
  • This domain is closely associated with Adware InstallCore.
  • It isn't clear if this is the more dangerous Llac Trojan or if it's just InstallCore.
  • The Llac Trojan has very little available information.

Action:

  • Alarm 

Comments

Powered by Zendesk