Summary | ZeroBOX

Setup3.exe

UPX Malicious Library OS Processor Check PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Aug. 21, 2023, 10:16 a.m.
Completed Aug. 21, 2023, 10:22 a.m.
Size 253.7KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 f0e7def68cf0ad13fa1465a84081e7fa
SHA256 8dc60ed97c72e928555748075175d01c1568d89536d5b0040d6edd977e9613e3
CRC32 91C6F9F4
ssdeep 3072:/wxoSJkOZc+Yu8zNbCjPoXk8RB4QZvQHp4iFw5C84:/wxzvc+Yu8zNbc4kUB8HOUwC
Yara
  • Malicious_Library_Zero - Malicious_Library
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
108.181.20.39 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section _RDATA
host 108.181.20.39
Bkav W32.Common.BAB208BF
Lionic Trojan.Win32.Generic.4!c
Cynet Malicious (score: 99)
ALYac Trojan.GenericKD.68809411
VIPRE Trojan.GenericKD.68809411
CrowdStrike win/malicious_confidence_100% (W)
Alibaba TrojanDropper:Win64/MalwareX.222c192e
K7GW Trojan ( 005a9cfd1 )
K7AntiVirus Trojan ( 005a9cfd1 )
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/TrojanDropper.Agent.ID
BitDefender Trojan.GenericKD.68809411
MicroWorld-eScan Trojan.GenericKD.68809411
Avast Win64:MalwareX-gen [Trj]
Rising Dropper.Agent!8.2F (TFE:5:43LKmx2sMyE)
Emsisoft Trojan.GenericKD.68809411 (B)
F-Secure Trojan.TR/Drop.Agent.yikaz
McAfee-GW-Edition Artemis!Trojan
FireEye Trojan.GenericKD.68809411
Sophos Mal/Generic-S
Ikarus Trojan-Dropper.Win64.Agent
GData Trojan.GenericKD.68809411
Webroot W32.Malware.Gen
Avira TR/Drop.Agent.yikaz
Antiy-AVL Trojan/Win32.Wacatac
Microsoft Trojan:Win64/Generic
Google Detected
AhnLab-V3 Packed/Win.Agent.C5468009
McAfee Artemis!F0E7DEF68CF0
MAX malware (ai score=80)
Cylance unsafe
Fortinet W64/Agent.ID!tr
AVG Win64:MalwareX-gen [Trj]
Cybereason malicious.7b9e70
DeepInstinct MALICIOUS