Machine communicating with bad devices - locky
Log In or Register to download the BES file, and more.

0 Votes

Description

If this is relevant it means that your machine is talking to one of these IP's that are none as being related to locky.

95.181.171.58,185.14.30.97,195.22.28.196,195.22.28.198
 

Property Details

ID9276
StatusBeta - Preliminary testing ready for more
TitleMachine communicating with bad devices - locky
DomainBESC
CategoryMalware Detection
Download Size0
SourceBigFix.me
Source Release Date3/11/2016 12:00:00 AM
Keywordsmalware ioc locky dragons
Is TaskTrue
Added by on 3/11/2016 5:58:29 PM
Last Modified by on 3/11/2016 5:58:29 PM
Counters 4126 Views / 4 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 13 fixlets and 3 analyses   * Results in a true/false
Show indented relevance
name of operating system contains "Win"
Used in 1 fixlet   * Results in a true/false
Show indented relevance
set of concatenation ";" of ((unique values of ((remote address of it as string|"0.0.0.0")) of sockets of network) as string) contains set of ("95.181.171.58";"185.14.30.97";"195.22.28.196";"195.22.28.198";"pvwinlrmwvccuo.eu";"cgavqeodnop.it";"kqlxtqptsmys.in";"kqlxtqptsmys.in";"wblejsfob.pw")

Actions

Action 1 (default)

Action Link Click here to deploy this action.
Script Type BigFix Action Script 
// Enter your action script here
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer


Comments

Log In or Register to leave comments!
 

Content

Search
Share
Learn
Projects

Utilities

View SCM Scripts
Base64 Converter
Shell to Action Script

About

About Us
Tour
FAQ
Terms
Contact Us

BigFix Resources

Download BigFix
Support
Forum
Github/Bigfix
bigfix.me All Content
Hosted on bigfixme-as