Summary | ZeroBOX

china.png

AsyncRAT
Category FILE
Machine s1_win7_x6401
Started April 6, 2021, 11:05 a.m.
Completed April 6, 2021, 11:05 a.m.
Size 7.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6be41709f8bfbf06307cc56d04249801
SHA256 0099e62ea3beb0f1631eb088bd697fd829963713ef4cb0e3a0a72b8c950c2383
CRC32 F4B3FBBE
ssdeep 192:3rFqRMky3fM9V7FKI47Wd+h4+0XoQ9DWhL3mj9:3rFqRMh3KlFP47Wd+hr059UL3m
PDB Path C:\Users\Test\source\repos\Pastebin Payload\Pastebin Payload\obj\Release\Pastebin Payload.pdb
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • HasDebugData - DebugData Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

MicroWorld-eScan Gen:Variant.Bulz.406461
FireEye Generic.mg.6be41709f8bfbf06
McAfee RDN/Generic Downloader.x
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 004d40511 )
Alibaba TrojanPSW:MSIL/Racealer.d036ce19
K7GW Trojan-Downloader ( 004d40511 )
Cybereason malicious.9f8bfb
Arcabit Trojan.Bulz.D633BD
Cyren W32/Trojan.MEWZ-9122
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.BCI
APEX Malicious
Avast Win32:DropperX-gen [Drp]
Kaspersky HEUR:Trojan-PSW.MSIL.Racealer.gen
BitDefender Gen:Variant.Bulz.406461
Paloalto generic.ml
Ad-Aware Gen:Variant.Bulz.406461
Emsisoft Trojan.Agent (A)
Comodo Malware@#3tzfnsb5jcfa5
DrWeb Trojan.Siggen12.62789
VIPRE Win32.Malware!Drop
McAfee-GW-Edition RDN/Generic Downloader.x
Sophos Mal/Generic-S
Ikarus Trojan.MSIL.Tiny
Webroot W32.Trojan.Gen
Avira TR/Dldr.Agent.zjrdy
Kingsoft Win32.PSWTroj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.vb
Microsoft Trojan:Win32/Ymacco.AA00
AegisLab Trojan.Win32.Bulz.4!c
ZoneAlarm HEUR:Trojan-PSW.MSIL.Racealer.gen
GData Gen:Variant.Bulz.406461
Cynet Malicious (score: 90)
AhnLab-V3 Trojan/Win.UN.C4401427
BitDefenderTheta Gen:NN.ZemsilF.34670.am0@aaeyfup
ALYac Gen:Variant.Bulz.406461
MAX malware (ai score=99)
Malwarebytes Trojan.Downloader.MSIL.Generic
TrendMicro-HouseCall TROJ_GEN.R002H0CCV21
Rising Downloader.Agent!8.B23 (CLOUD)
SentinelOne Static AI - Malicious PE
Fortinet MSIL/Agent.BCI!tr
MaxSecure Trojan.Malware.74493398.susgen
AVG Win32:DropperX-gen [Drp]
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Win32/TrojanSpy.Raccoon.HgIASR0A