Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | April 1, 2021, 11:25 a.m. | April 1, 2021, 11:27 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
pdb_path | C:\paveyipahimobugucih16_pewopopopupafa-derafuloxoluven67-marohe.pdb b |
section | {u'size_of_data': u'0x00030c00', u'virtual_address': u'0x00019000', u'entropy': 7.916642032537894, u'name': u'.rdata', u'virtual_size': u'0x00030a72'} | entropy | 7.91664203254 | description | A section with a high entropy has been found | |||||||||
entropy | 0.601851851852 | description | Overall entropy of this PE file is high |
Bkav | W32.AIDetect.malware1 |
Elastic | malicious (high confidence) |
FireEye | Generic.mg.5ef2edbe6f861900 |
Cylance | Unsafe |
Sangfor | Trojan.Win32.Save.a |
K7AntiVirus | Trojan ( 003e58dd1 ) |
K7GW | Trojan ( 003e58dd1 ) |
CrowdStrike | win/malicious_confidence_80% (D) |
BitDefenderTheta | Gen:NN.ZexaF.34662.uqW@aCln@XhG |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
McAfee-GW-Edition | BehavesLike.Win32.Generic.fc |
Sophos | ML/PE-A |
Ikarus | Trojan-Banker.UrSnif |
Microsoft | Trojan:Win32/Glupteba!ml |
Cynet | Malicious (score: 100) |
Malwarebytes | Trojan.MalPack.GS |
Rising | Malware.Heuristic!ET#85% (RDMK:cmRtazobLxMyulavf98V0FbXc9Mx) |
SentinelOne | Static AI - Malicious PE |
Qihoo-360 | HEUR/QVM10.1.48E1.Malware.Gen |