Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | April 1, 2021, 6:19 p.m. | April 1, 2021, 6:19 p.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | {u'size_of_data': u'0x000a2200', u'virtual_address': u'0x00002000', u'entropy': 7.880110596134168, u'name': u'.text', u'virtual_size': u'0x000a20f4'} | entropy | 7.88011059613 | description | A section with a high entropy has been found | |||||||||
section | {u'size_of_data': u'0x000b2000', u'virtual_address': u'0x000a6000', u'entropy': 6.950448991297877, u'name': u'.rsrc', u'virtual_size': u'0x000b1fa0'} | entropy | 6.9504489913 | description | A section with a high entropy has been found | |||||||||
entropy | 0.999632623071 | description | Overall entropy of this PE file is high |
Elastic | malicious (high confidence) |
FireEye | Generic.mg.92fc1129af30ba08 |
Cylance | Unsafe |
Cybereason | malicious.46a78d |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of MSIL/Kryptik.AAEP |
APEX | Malicious |
Avast | Win32:MalwareX-gen [Trj] |
Kaspersky | HEUR:Trojan-Spy.MSIL.Stealer.gen |
DrWeb | Trojan.PWS.Stealer.30110 |
ZoneAlarm | HEUR:Trojan-Spy.MSIL.Stealer.gen |
Cynet | Malicious (score: 100) |
McAfee | PWS-FCXP!92FC1129AF30 |
Malwarebytes | Malware.AI.539684289 |
Fortinet | MSIL/GenKryptik.FDJX!tr |
BitDefenderTheta | Gen:NN.ZemsilF.34662.vn2@a0YStFdG |
AVG | Win32:MalwareX-gen [Trj] |
CrowdStrike | win/malicious_confidence_80% (D) |