proxye.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6402 | April 1, 2021, 11:25 a.m. | April 1, 2021, 11:27 a.m. |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | C:\paveyipahimobugucih16_pewopopopupafa-derafuloxoluven67-marohe.pdb�b |
| section | {u'size_of_data': u'0x00030c00', u'virtual_address': u'0x00019000', u'entropy': 7.916642032537894, u'name': u'.rdata', u'virtual_size': u'0x00030a72'} | entropy | 7.91664203254 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.601851851852 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetect.malware1 |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.5ef2edbe6f861900 |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| K7AntiVirus | Trojan ( 003e58dd1 ) |
| K7GW | Trojan ( 003e58dd1 ) |
| CrowdStrike | win/malicious_confidence_80% (D) |
| BitDefenderTheta | Gen:NN.ZexaF.34662.uqW@aCln@XhG |
| Symantec | ML.Attribute.HighConfidence |
| APEX | Malicious |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.fc |
| Sophos | ML/PE-A |
| Ikarus | Trojan-Banker.UrSnif |
| Microsoft | Trojan:Win32/Glupteba!ml |
| Cynet | Malicious (score: 100) |
| Malwarebytes | Trojan.MalPack.GS |
| Rising | Malware.Heuristic!ET#85% (RDMK:cmRtazobLxMyulavf98V0FbXc9Mx) |
| SentinelOne | Static AI - Malicious PE |
| Qihoo-360 | HEUR/QVM10.1.48E1.Malware.Gen |