Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	April 1, 2021, 4:13 p.m.	April 1, 2021, 4:13 p.m.

Size	48.7KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`1d70f97a7e5e8b81f9e91dc7c6e10bef`
SHA256	`dd5b025ec562b7a10027aedae9f07c6b6db3851d27d81bca4bd6216718ba08e0`
CRC32	`159F8A4D`
ssdeep	`768:CPnYtUEnYCxnYddPeRl+jbe8iDLgFmGfljGflvx/FIwJGun51uNtXh+:CPnY2EnYCxnYdd4lMbJzta`
Yara	Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT PE_Header_Zero - PE File Signature Zero IsPE32 - (no description) IsNET_EXE - (no description) IsWindowsGUI - (no description) HasOverlay - Overlay Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

FireEye	Generic.mg.1d70f97a7e5e8b81
McAfee	Artemis!1D70F97A7E5E
Cylance	Unsafe
Cybereason	malicious.0f505c
Cyren	W32/MSIL_Kryptik.DNB.gen!Eldorado
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.HRD
APEX	Malicious
Avast	FileRepMalware
BitDefender	Gen:Variant.Bulz.413992
Tencent	Win32.Trojan.Inject.Auto
McAfee-GW-Edition	Artemis!Trojan
eGambit	Unsafe.AI_Score_99%
Microsoft	Trojan:Win32/AgentTesla!ml
AegisLab	Trojan.MSIL.Agensla.i!c
BitDefenderTheta	Gen:NN.ZemsilF.34662.dm1@aODUgC
MAX	malware (ai score=81)
Rising	Trojan.AgentTesla!8.104D5 (CLOUD)
Ikarus	Trojan-Downloader.MSIL.Agent
Fortinet	MSIL/Kryptik.DNK!tr.dldr
AVG	FileRepMalware

dubecrypt.pdf