Windows
brar, 2019-08-12 19:54:02

How to scan the system for malware?

The provider forwarded a message from NKTsKI with the following content:

NKTsKI has confirmed information about the introduction of
Trojan-Banker.Win32.RTM malware onto an object located in the address space of
your company.
In the period from June 25 to July 10, the facts of interaction
of the IP address presented in the attachment with the remote control center
(C&C) were recorded. To obtain C&C IP addresses, malware makes a request to
hxxps://chain[.]so/api/v2/get_tx_received/BTC/ (IP addresses 104.25.48.99,
104.25.47.99). The response contains a set of transactions to the crypto wallet account.

I only found out today who NKTsKI are, and so did the provider.
Windows 10 system. Built-in Windows antivirus.


4 answer(s)
Ronald McDonald, 2019-08-12
@brar

Antivirus. It does not need to be installed.
KVRT, Dr.Web CureIt.

Konstantin Tsvetkov, 2019-08-12
@tsklab

Verify the authenticity of the message: does the IP belong to you, and are the specified requests in the logs?
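
One way to do the log check suggested in this answer, as an added example that is not part of the thread: it looks for the host and addresses named in the notice inside the reported period and lists the internal machines to scan first. The log line layout, the year 2019 (taken from the post date) and the sample lines are assumptions.

```python
import re
from datetime import datetime

# Indicators copied from the notice quoted in the question (defanged there).
C2_LOOKUP_HOST = "chain[.]so".replace("[.]", ".")
C2_LOOKUP_IPS = {"104.25.48.99", "104.25.47.99"}
# Period from the notice; the year 2019 is an assumption based on the post date.
WINDOW = (datetime(2019, 6, 25), datetime(2019, 7, 10, 23, 59, 59))

# Assumed log layout: "<ISO time> <src ip> -> <dst ip>:<port> host=<name or ->"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) -> (?P<dst>[\d.]+):\d+ host=(?P<host>\S+)$"
)

def find_hits(lines, window=WINDOW):
    """Return (timestamp, source, evidence) for connections matching the notice."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines in another format instead of failing
        ts = datetime.fromisoformat(m["ts"])
        if not window[0] <= ts <= window[1]:
            continue
        host = m["host"].lower().rstrip(".")
        if host == C2_LOOKUP_HOST or host.endswith("." + C2_LOOKUP_HOST):
            hits.append((ts, m["src"], "hostname"))
        elif m["dst"] in C2_LOOKUP_IPS:
            # Weaker evidence: an address alone may be shared with other sites.
            hits.append((ts, m["src"], "ip-only"))
    return hits

def hosts_to_scan(hits):
    """Internal addresses to examine, strongest evidence first."""
    rank = {}
    for _, src, evidence in hits:
        if evidence == "hostname" or src not in rank:
            rank[src] = evidence
    return sorted(rank.items(), key=lambda kv: (kv[1] != "hostname", kv[0]))

# Constructed sample lines (not real logs).
SAMPLE_LOG = """\
2019-06-24T23:50:00 192.168.1.23 -> 104.25.48.99:443 host=chain.so
2019-06-27T03:14:09 192.168.1.23 -> 104.25.48.99:443 host=chain.so
2019-06-27T03:14:10 192.168.1.40 -> 93.184.216.34:443 host=example.com
2019-07-02T11:02:51 192.168.1.57 -> 104.25.47.99:443 host=-
2019-07-09T18:30:00 192.168.1.23 -> 104.25.47.99:443 host=CHAIN.SO.
2019-08-01T09:00:00 192.168.1.57 -> 104.25.47.99:443 host=chain.so
""".splitlines()
```

If `hosts_to_scan(find_hits(...))` comes back empty for the gateway or proxy logs covering the whole period, the address in the notice may not be yours or the traffic may not be logged there.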

Dim Boy, 2019-08-12
@twix007

Install an antivirus, for example, and check!

CheBurashka, 2019-08-14
@CheBurashka

Maybe there is a miner on the computer?
