Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	May 4, 2025, 12:45 p.m.	May 4, 2025, 1:21 p.m.

Size	1.9MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`bea0979ff1507c184448d34e8ebc1644`
SHA256	`c523b92c9f4b4f31aa0d1517db96ed3689a6cff9ee798403042b2d240a306eef`
CRC32	`6B96901B`
ssdeep	`49152:dXmIk4Z/+MR0d44KYxyDVyF69p5/w0Qi:tqZM14ih9pmU`
Yara	themida_packer - themida packer PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file

9da5be10-7d6d-45f2-a9af-573f80036dcb.exe "C:\Users\test22\AppData\Local\Temp\9da5be10-7d6d-45f2-a9af-573f80036dcb.exe"
1460

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
104.16.231.132	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Checks if process is being debugged by a debugger (1 event)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent May 4, 2025, 12:45 p.m.			0	0

The executable contains unknown PE section names indicative of a packer (could be a false positive) (6 events)

section	\x00
section	.idata
section
section	fraqcwns
section	mvcyamia
section	.taggant

One or more processes crashed (50 out of 121 events)

Time & API	Arguments	Status
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x778d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x778d9ea5 exception.instruction_r: fb e9 4e 01 00 00 60 8b 74 24 24 8b 7c 24 28 fc exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x3160b9 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 3236025 exception.address: 0x16e60b9 registers.esp: 2030116 registers.edi: 0 registers.eax: 1 registers.ebp: 2030132 registers.edx: 25763840 registers.ebx: 2130567168 registers.esi: 0 registers.ecx: 0	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 81 ec 04 00 00 00 89 14 24 55 bd c3 ab 57 3d exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x5febd exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 392893 exception.address: 0x142febd registers.esp: 2030080 registers.edi: 1971192040 registers.eax: 32402 registers.ebp: 3991134228 registers.edx: 20774912 registers.ebx: 3 registers.esi: 21167631 registers.ecx: 1971388416	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 57 89 04 24 e9 93 fe ff ff c1 e6 05 81 ce 41 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x605ec exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 394732 exception.address: 0x14305ec registers.esp: 2030084 registers.edi: 1971192040 registers.eax: 4294938380 registers.ebp: 3991134228 registers.edx: 20774912 registers.ebx: 2660657238 registers.esi: 21200033 registers.ecx: 1971388416	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 31 db ff 34 0b ff 34 24 8b 04 24 83 c4 04 81 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x60f45 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 397125 exception.address: 0x1430f45 registers.esp: 2030084 registers.edi: 1971192040 registers.eax: 26067 registers.ebp: 3991134228 registers.edx: 20774912 registers.ebx: 1049952268 registers.esi: 21200033 registers.ecx: 21197670	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 50 e9 d4 03 00 00 57 e9 27 01 00 00 ff 34 24 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x61274 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 397940 exception.address: 0x1431274 registers.esp: 2030084 registers.edi: 1971192040 registers.eax: 240873 registers.ebp: 3991134228 registers.edx: 20774912 registers.ebx: 4294943744 registers.esi: 21200033 registers.ecx: 21197670	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 83 ec 04 89 14 24 89 2c 24 53 c7 04 24 6c d8 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1ead48 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2010440 exception.address: 0x15bad48 registers.esp: 2030084 registers.edi: 21207392 registers.eax: 26265 registers.ebp: 3991134228 registers.edx: 338409 registers.ebx: 0 registers.esi: 22766498 registers.ecx: 22785922	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 83 ec 04 e9 53 fa ff ff 59 c1 ed 08 c1 ed 06 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1ec765 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2017125 exception.address: 0x15bc765 registers.esp: 2030080 registers.edi: 21207392 registers.eax: 22789434 registers.ebp: 3991134228 registers.edx: 338409 registers.ebx: 0 registers.esi: 22766498 registers.ecx: 684425081	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 29 f6 ff 34 30 57 e9 1c 08 00 00 83 c4 04 52 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1ebe94 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2014868 exception.address: 0x15bbe94 registers.esp: 2030084 registers.edi: 21207392 registers.eax: 22817347 registers.ebp: 3991134228 registers.edx: 338409 registers.ebx: 0 registers.esi: 22766498 registers.ecx: 684425081	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 51 89 e1 81 ec 04 00 00 00 89 34 24 be 04 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1ebd63 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2014563 exception.address: 0x15bbd63 registers.esp: 2030084 registers.edi: 21207392 registers.eax: 22817347 registers.ebp: 3991134228 registers.edx: 338409 registers.ebx: 50665 registers.esi: 4294942148 registers.ecx: 684425081	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 56 55 bd b1 4f fe 7e e9 40 01 00 00 59 83 c4 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1eda3c exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2021948 exception.address: 0x15bda3c registers.esp: 2030080 registers.edi: 19770 registers.eax: 27413 registers.ebp: 3991134228 registers.edx: 95 registers.ebx: 22794188 registers.esi: 0 registers.ecx: 22796664	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 81 ec 04 00 00 00 89 34 24 c7 04 24 43 82 7c exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1edbda exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2022362 exception.address: 0x15bdbda registers.esp: 2030084 registers.edi: 19770 registers.eax: 0 registers.ebp: 3991134228 registers.edx: 95 registers.ebx: 22794188 registers.esi: 134889 registers.ecx: 22799581	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: ed 64 8f 05 00 00 00 00 51 54 59 57 bf 45 6d e3 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1fada6 exception.instruction: in eax, dx exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2076070 exception.address: 0x15cada6 registers.esp: 2030076 registers.edi: 7024462 registers.eax: 1447909480 registers.ebp: 3991134228 registers.edx: 22104 registers.ebx: 1971327157 registers.esi: 22828724 registers.ecx: 20	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: 0f 3f 07 0b 64 8f 05 00 00 00 00 83 c4 04 83 fb exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1fa3ab exception.address: 0x15ca3ab exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc000001d exception.offset: 2073515 registers.esp: 2030076 registers.edi: 7024462 registers.eax: 1 registers.ebp: 3991134228 registers.edx: 22104 registers.ebx: 0 registers.esi: 22828724 registers.ecx: 20	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: ed 81 fb 68 58 4d 56 75 0a c7 85 9f 38 5f 13 01 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1f62db exception.instruction: in eax, dx exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2056923 exception.address: 0x15c62db registers.esp: 2030076 registers.edi: 7024462 registers.eax: 1447909480 registers.ebp: 3991134228 registers.edx: 22104 registers.ebx: 2256917605 registers.esi: 22828724 registers.ecx: 10	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: cd 01 eb 00 81 ee 26 ec 7f 32 60 f5 61 64 8f 05 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1fe063 exception.instruction: int 1 exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000005 exception.offset: 2089059 exception.address: 0x15ce063 registers.esp: 2030044 registers.edi: 0 registers.eax: 2030044 registers.ebp: 3991134228 registers.edx: 57606 registers.ebx: 22864134 registers.esi: 87621632 registers.ecx: 793079176	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 53 68 55 8b 08 70 e9 43 06 00 00 ff 34 24 e9 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1fe856 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2091094 exception.address: 0x15ce856 registers.esp: 2030084 registers.edi: 7024462 registers.eax: 28048 registers.ebp: 3991134228 registers.edx: 2130569853 registers.ebx: 69714265 registers.esi: 12110 registers.ecx: 22892853	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 83 ec 04 e9 ae 04 00 00 5e 81 ee 12 49 fb 77 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1fe8fc exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2091260 exception.address: 0x15ce8fc registers.esp: 2030084 registers.edi: 2283 registers.eax: 28048 registers.ebp: 3991134228 registers.edx: 2130569853 registers.ebx: 4294942464 registers.esi: 12110 registers.ecx: 22892853	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 51 56 89 2c 24 c7 04 24 31 9c fd 69 81 34 24 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x20e4de exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2155742 exception.address: 0x15de4de registers.esp: 2030084 registers.edi: 21160802 registers.eax: 28978 registers.ebp: 3991134228 registers.edx: 607947088 registers.ebx: 22930835 registers.esi: 1971262480 registers.ecx: 0	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 81 ef 1c 0e fd 2f 03 3c 24 50 89 14 24 ba 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x21180b exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2168843 exception.address: 0x15e180b registers.esp: 2030080 registers.edi: 22942552 registers.eax: 27643 registers.ebp: 3991134228 registers.edx: 607947088 registers.ebx: 612402432 registers.esi: 1975196124 registers.ecx: 630887772	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 40 01 00 00 05 8e 4b 36 3f 89 c1 58 b8 49 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x211957 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2169175 exception.address: 0x15e1957 registers.esp: 2030084 registers.edi: 22970195 registers.eax: 27643 registers.ebp: 3991134228 registers.edx: 607947088 registers.ebx: 612402432 registers.esi: 1975196124 registers.ecx: 630887772	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 89 02 00 00 51 89 2c 24 56 89 24 24 81 04 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x2117d3 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2168787 exception.address: 0x15e17d3 registers.esp: 2030084 registers.edi: 22945423 registers.eax: 262633 registers.ebp: 3991134228 registers.edx: 0 registers.ebx: 612402432 registers.esi: 1975196124 registers.ecx: 630887772	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 52 89 04 24 b8 94 ff ff 20 e9 a0 fd ff ff 52 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x21473f exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2180927 exception.address: 0x15e473f registers.esp: 2030076 registers.edi: 22986381 registers.eax: 31802 registers.ebp: 3991134228 registers.edx: 0 registers.ebx: 41397942 registers.esi: 1975196124 registers.ecx: 1436146755	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 9f ff ff ff 01 de 81 c6 d0 db e1 79 5b 87 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x214304 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2179844 exception.address: 0x15e4304 registers.esp: 2030076 registers.edi: 22986381 registers.eax: 379414613 registers.ebp: 3991134228 registers.edx: 0 registers.ebx: 4294938044 registers.esi: 1975196124 registers.ecx: 1436146755	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 53 89 0c 24 89 3c 24 e9 a6 04 00 00 87 04 24 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x21bb16 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2210582 exception.address: 0x15ebb16 registers.esp: 2030076 registers.edi: 22986381 registers.eax: 1783979243 registers.ebp: 3991134228 registers.edx: 0 registers.ebx: 4294938044 registers.esi: 1975196124 registers.ecx: 22987135	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 e5 00 00 00 52 68 74 67 e7 77 5a c1 e2 03 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23ab7a exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2337658 exception.address: 0x160ab7a registers.esp: 2030044 registers.edi: 1501427607 registers.eax: 23141759 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 0 registers.esi: 23107592 registers.ecx: 770834432	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 f3 02 00 00 59 e9 ee 07 00 00 81 c1 ae cb exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23acb4 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2337972 exception.address: 0x160acb4 registers.esp: 2030044 registers.edi: 116969 registers.eax: 23114943 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 0 registers.esi: 23107592 registers.ecx: 0	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 56 c7 04 24 41 73 51 11 89 0c 24 b9 de f7 fa exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23bfdb exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2342875 exception.address: 0x160bfdb registers.esp: 2030044 registers.edi: 116969 registers.eax: 0 registers.ebp: 3991134228 registers.edx: 23119751 registers.ebx: 93324800 registers.esi: 1375758944 registers.ecx: 1285481218	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 52 ba 9b 02 7e 2d 53 55 bd 63 d4 f5 7f 81 c5 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23d4a3 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2348195 exception.address: 0x160d4a3 registers.esp: 2030040 registers.edi: 116969 registers.eax: 23121895 registers.ebp: 3991134228 registers.edx: 23119751 registers.ebx: 93324800 registers.esi: 1375758944 registers.ecx: 1178731074	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 29 f6 ff 34 06 ff 34 24 8b 1c 24 50 89 1c 24 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23d81f exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2349087 exception.address: 0x160d81f registers.esp: 2030044 registers.edi: 116969 registers.eax: 23152980 registers.ebp: 3991134228 registers.edx: 23119751 registers.ebx: 93324800 registers.esi: 1375758944 registers.ecx: 1178731074	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 57 bf 82 ef d6 62 e9 c1 04 00 00 89 2c 24 56 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23d2a0 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2347680 exception.address: 0x160d2a0 registers.esp: 2030044 registers.edi: 116969 registers.eax: 23152980 registers.ebp: 3991134228 registers.edx: 23119751 registers.ebx: 974115176 registers.esi: 4294938492 registers.ecx: 1178731074	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 51 c7 04 24 80 5a fd 7b 51 e9 79 ff ff ff ba exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23e3d3 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2352083 exception.address: 0x160e3d3 registers.esp: 2030044 registers.edi: 116969 registers.eax: 1874168672 registers.ebp: 3991134228 registers.edx: 0 registers.ebx: 974115176 registers.esi: 4294938492 registers.ecx: 23127479	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 68 3f ce 0f 51 e9 8d 01 00 00 89 c6 58 81 6c exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x23f179 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2355577 exception.address: 0x160f179 registers.esp: 2030044 registers.edi: 4294944668 registers.eax: 25485 registers.ebp: 3991134228 registers.edx: 525304664 registers.ebx: 604277078 registers.esi: 23154027 registers.ecx: 0	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 57 89 0c 24 68 c4 27 ee 7b 8b 0c 24 83 c4 04 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x246616 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2385430 exception.address: 0x1616616 registers.esp: 2030044 registers.edi: 4294944668 registers.eax: 0 registers.ebp: 3991134228 registers.edx: 23163352 registers.ebx: 4294961116 registers.esi: 2298801283 registers.ecx: 46296874	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 81 ee 64 d1 fb 79 53 e9 c7 f8 ff ff 51 b9 92 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x249b9c exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2399132 exception.address: 0x1619b9c registers.esp: 2030040 registers.edi: 303843208 registers.eax: 31623 registers.ebp: 3991134228 registers.edx: 1023114119 registers.ebx: 327010301 registers.esi: 23171393 registers.ecx: 1046281852	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 29 db 55 e9 9e ff ff ff 81 ec 04 00 00 00 89 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x2492bf exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2396863 exception.address: 0x16192bf registers.esp: 2030044 registers.edi: 303843208 registers.eax: 31623 registers.ebp: 3991134228 registers.edx: 1023114119 registers.ebx: 327010301 registers.esi: 23203016 registers.ecx: 1046281852	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 55 bd 48 6b bb 35 83 ec 04 89 34 24 e9 78 02 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x24931f exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2396959 exception.address: 0x161931f registers.esp: 2030044 registers.edi: 1365792083 registers.eax: 31623 registers.ebp: 3991134228 registers.edx: 1023114119 registers.ebx: 4294938504 registers.esi: 23203016 registers.ecx: 1046281852	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 22 f8 ff ff 83 c4 04 81 c4 04 00 00 00 81 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x24a69f exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2401951 exception.address: 0x161a69f registers.esp: 2030044 registers.edi: 1365792083 registers.eax: 32095 registers.ebp: 3991134228 registers.edx: 23206694 registers.ebx: 1083780950 registers.esi: 23203016 registers.ecx: 1046281852	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 50 c7 04 24 de a6 a1 52 89 04 24 56 c7 04 24 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x24a29b exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2400923 exception.address: 0x161a29b registers.esp: 2030044 registers.edi: 15290450 registers.eax: 32095 registers.ebp: 3991134228 registers.edx: 23177454 registers.ebx: 1083780950 registers.esi: 23203016 registers.ecx: 0	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 93 00 00 00 83 ec 04 89 3c 24 89 e7 e9 ff exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x2555b6 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2446774 exception.address: 0x16255b6 registers.esp: 2030044 registers.edi: 23184860 registers.eax: 28190 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 2147483650 registers.esi: 23186558 registers.ecx: 23247758	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 57 54 5f e9 44 01 00 00 81 c4 04 00 00 00 58 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x2551d1 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2445777 exception.address: 0x16251d1 registers.esp: 2030044 registers.edi: 2298801283 registers.eax: 4294941908 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 2147483650 registers.esi: 23186558 registers.ecx: 23247758	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb e9 8e 06 00 00 58 e9 60 02 00 00 81 c1 04 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x25fe2f exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2489903 exception.address: 0x162fe2f registers.esp: 2030044 registers.edi: 23229505 registers.eax: 82608464 registers.ebp: 3991134228 registers.edx: 23292613 registers.ebx: 23229473 registers.esi: 4294942068 registers.ecx: 770834432	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 53 54 8b 1c 24 83 c4 04 83 ec 04 e9 a4 00 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x270279 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2556537 exception.address: 0x1640279 registers.esp: 2030044 registers.edi: 23309402 registers.eax: 23361651 registers.ebp: 3991134228 registers.edx: 604801362 registers.ebx: 23291147 registers.esi: 3850220 registers.ecx: 4294938304	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 50 b8 7c b8 5c 7f 81 ee 31 da fc 17 01 c6 51 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x27c378 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2605944 exception.address: 0x164c378 registers.esp: 2030040 registers.edi: 3991134228 registers.eax: 30242 registers.ebp: 3991134228 registers.edx: 2130548686 registers.ebx: 2151696393 registers.esi: 23378362 registers.ecx: 2153925135	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 53 89 0c 24 51 c7 04 24 01 dc df 55 e9 1c 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x27c17d exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2605437 exception.address: 0x164c17d registers.esp: 2030044 registers.edi: 605849943 registers.eax: 4294939576 registers.ebp: 3991134228 registers.edx: 2130548686 registers.ebx: 2151696393 registers.esi: 23408604 registers.ecx: 2153925135	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 81 e9 29 b0 f6 7e 83 ec 04 89 04 24 e9 00 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x287386 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2651014 exception.address: 0x1657386 registers.esp: 2030040 registers.edi: 0 registers.eax: 30927 registers.ebp: 3991134228 registers.edx: 11 registers.ebx: 23394652 registers.esi: 3850220 registers.ecx: 23423815	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 68 3e 4e d9 54 89 0c 24 e9 2e 00 00 00 83 ec exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x28719b exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2650523 exception.address: 0x165719b registers.esp: 2030044 registers.edi: 0 registers.eax: 30927 registers.ebp: 3991134228 registers.edx: 11 registers.ebx: 23394652 registers.esi: 3850220 registers.ecx: 23454742	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb b8 f2 97 fb 7f 50 e9 f5 fa ff ff ff 34 24 58 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x2873fb exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2651131 exception.address: 0x16573fb registers.esp: 2030044 registers.edi: 0 registers.eax: 0 registers.ebp: 3991134228 registers.edx: 2665665128 registers.ebx: 23394652 registers.esi: 3850220 registers.ecx: 23426446	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 56 89 1c 24 89 e3 81 c3 04 00 00 00 81 eb 04 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x29067e exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2688638 exception.address: 0x166067e registers.esp: 2030040 registers.edi: 0 registers.eax: 30530 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 2107277376 registers.esi: 23461656 registers.ecx: 770834432	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 81 ec 04 00 00 00 e9 b2 f7 ff ff 53 ff 74 24 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x290812 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2689042 exception.address: 0x1660812 registers.esp: 2030044 registers.edi: 0 registers.eax: 30530 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 2107277376 registers.esi: 23492186 registers.ecx: 770834432	1
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: fb 57 57 89 e7 81 c7 04 00 00 00 81 ef 04 00 00 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x290a12 exception.instruction: sti exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2689554 exception.address: 0x1660a12 registers.esp: 2030044 registers.edi: 0 registers.eax: 30530 registers.ebp: 3991134228 registers.edx: 2130566132 registers.ebx: 605325651 registers.esi: 23464610 registers.ecx: 770834432	1

Allocates read-write-execute memory (usually to unpack itself) (15 events)

Time & API	Arguments	Status
NtProtectVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x7793f000 process_handle: 0xffffffff	1
NtProtectVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x778b0000 process_handle: 0xffffffff	1
NtProtectVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 180224 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x013d1000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00430000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00650000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 8192 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x006a0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 65536 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00940000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 8192 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00950000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x009a0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00950000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00950000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00950000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00950000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x00950000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 4, 2025, 12:45 p.m.	process_identifier: 1460 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x009b0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1

The binary likely contains encrypted or compressed data indicative of a packer (3 events)

section

{u'size_of_data': u'0x0002bc00', u'virtual_address': u'0x00001000', u'entropy': 7.9838995399199, u'name': u' \\x00 ', u'virtual_size': u'0x0005b000'}

entropy

7.98389953992

description

A section with a high entropy has been found

section

{u'size_of_data': u'0x001aa600', u'virtual_address': u'0x00316000', u'entropy': 7.953082047708874, u'name': u'fraqcwns', u'virtual_size': u'0x001ab000'}

entropy

7.95308204771

description

A section with a high entropy has been found

entropy

0.994184509648

description

Overall entropy of this PE file is high

Expresses interest in specific running processes (1 event)

process

system

Communicates with host for which no DNS query was performed (1 event)

host

104.16.231.132

Checks for the presence of known devices from debuggers and forensic tools (3 events)

file	\??\SICE
file	\??\SIWVID
file	\??\NTICE

Checks for the presence of known windows from debuggers and forensic tools (17 events)

Time & API	Arguments	Status	Return	Repeated
FindWindowA May 4, 2025, 12:45 p.m.	class_name: OLLYDBG window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: GBDYLLO window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: pediy06 window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: FilemonClass window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: FilemonClass window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: #0 window_name: File Monitor - Sysinternals: www.sysinternals.com		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: PROCMON_WINDOW_CLASS window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: #0 window_name: Process Monitor - Sysinternals: www.sysinternals.com		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: RegmonClass window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: RegmonClass window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: #0 window_name: Registry Monitor - Sysinternals: www.sysinternals.com		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: 18467-41 window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: FilemonClass window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: FilemonClass window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: #0 window_name: File Monitor - Sysinternals: www.sysinternals.com		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: PROCMON_WINDOW_CLASS window_name:		0	0
FindWindowA May 4, 2025, 12:45 p.m.	class_name: #0 window_name: Process Monitor - Sysinternals: www.sysinternals.com		0	0

Checks the version of Bios, possibly for anti-virtualization (2 events)

registry	HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
registry	HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion

Detects VMWare through the in instruction feature (1 event)

Time & API	Arguments	Status	Return	Repeated
__exception__ May 4, 2025, 12:45 p.m.	stacktrace: exception.instruction_r: ed 64 8f 05 00 00 00 00 51 54 59 57 bf 45 6d e3 exception.symbol: 9da5be10-7d6d-45f2-a9af-573f80036dcb+0x1fada6 exception.instruction: in eax, dx exception.module: 9da5be10-7d6d-45f2-a9af-573f80036dcb.exe exception.exception_code: 0xc0000096 exception.offset: 2076070 exception.address: 0x15cada6 registers.esp: 2030076 registers.edi: 7024462 registers.eax: 1447909480 registers.ebp: 3991134228 registers.edx: 22104 registers.ebx: 1971327157 registers.esi: 22828724 registers.ecx: 20	1	0	0

File has been identified by 55 AntiVirus engines on VirusTotal as malicious (50 out of 55 events)

Bkav	W32.AIDetectMalware
tehtris	Generic.Malware
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojanpws.Stealerc
Skyhigh	BehavesLike.Win32.Themida.tc
ALYac	Trojan.GenericKD.76286067
Cylance	Unsafe
VIPRE	Trojan.GenericKD.76286067
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.76286067
K7GW	Trojan ( 00587f0f1 )
K7AntiVirus	Trojan ( 00587f0f1 )
Arcabit	Trojan.Generic.D48C0873
Symantec	Trojan.Sox5systemz!g2
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.Themida.HZB
APEX	Malicious
Avast	Win32:Evo-gen [Trj]
Kaspersky	Trojan-PSW.Win32.Lumma.low
Alibaba	Packed:Win32/Themida.6f440809
NANO-Antivirus	Trojan.Win32.Lumma.kxbsdl
MicroWorld-eScan	Trojan.GenericKD.76286067
Rising	Trojan.Agent!1.12B48 (CLASSIC)
Emsisoft	Trojan.GenericKD.76286067 (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
DrWeb	Trojan.PWS.Lumma.2626
TrendMicro	TrojanSpy.Win32.LUMMASTEALER.YXFDYZ
McAfeeD	Real Protect-LS!BEA0979FF150
Trapmine	malicious.high.ml.score
CTX	exe.trojan.themida
Sophos	Mal/Generic-S
SentinelOne	Static AI - Malicious PE
Google	Detected
Avira	TR/Crypt.XPACK.Gen
Antiy-AVL	Trojan[PSW]/Win32.Lumma
Kingsoft	malware.kb.b.999
Gridinsoft	Trojan.Heur!.038120A1
Microsoft	Trojan:Win32/Caynamer.A!ml
ViRobot	Trojan.Win.Z.Themida.1940992.F
GData	Trojan.GenericKD.76286067
Varist	W32/Themida.CT.gen!Eldorado
AhnLab-V3	Trojan/Win.Generic.R691709
McAfee	Artemis!BEA0979FF150
DeepInstinct	MALICIOUS
Malwarebytes	Trojan.Amadey
Ikarus	Trojan.Win32.LummaStealer
Zoner	Probably Heur.ExeHeaderL
TrendMicro-HouseCall	Trojan.Win32.VSX.PE04C9Z
Tencent	Trojan-DL.Win32.Deyma.kh

9da5be10-7d6d-45f2-a9af-573f80036dcb

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All