Nloader

Simple loader that includes the keyword 'campo' in the URL used to download other families.

Process spawned unexpected child process

This typically indicates the parent process was compromised via an exploit or macro.

ACProtect 1.3x - 1.4x DLL software

Detects file using ACProtect software.

Nloader Payload

Blocklisted process makes network request

UPX packed file

Detects executables packed with UPX/modified UPX open source packer.