Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | April 2, 2021, 10:16 a.m. | April 2, 2021, 10:16 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
92.53.96.245 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .sdata |
section | {u'size_of_data': u'0x0011f400', u'virtual_address': u'0x00002000', u'entropy': 7.864922168238561, u'name': u'.text', u'virtual_size': u'0x0011f314'} | entropy | 7.86492216824 | description | A section with a high entropy has been found | |||||||||
section | {u'size_of_data': u'0x00000a00', u'virtual_address': u'0x00122000', u'entropy': 7.344584954097322, u'name': u'.sdata', u'virtual_size': u'0x000008e8'} | entropy | 7.3445849541 | description | A section with a high entropy has been found | |||||||||
section | {u'size_of_data': u'0x000e7e00', u'virtual_address': u'0x00124000', u'entropy': 7.922071100565884, u'name': u'.rsrc', u'virtual_size': u'0x000e7c90'} | entropy | 7.92207110057 | description | A section with a high entropy has been found | |||||||||
entropy | 0.999759557586 | description | Overall entropy of this PE file is high |
host | 92.53.96.245 |
Elastic | malicious (high confidence) |
FireEye | Generic.mg.831d4e7f62efecd2 |
Cybereason | malicious.ebf644 |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of MSIL/Kryptik.AAEW |
APEX | Malicious |
Kaspersky | HEUR:Trojan-PSW.MSIL.Racealer.gen |
Sophos | ML/PE-A |
Microsoft | Program:Win32/Wacapew.C!ml |
Cynet | Malicious (score: 100) |
Malwarebytes | Spyware.PasswordStealer |
SentinelOne | Static AI - Malicious PE |
BitDefenderTheta | Gen:NN.ZemsilF.34662.cs2@a8W9Qjh |