Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	April 9, 2021, 11:32 a.m.	April 9, 2021, 11:57 a.m.

Size	41.5KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`464b0354583dc0d4534f643b205fa48c`
SHA256	`0e9ef25de332132de38039626500889d56c06c56e9e30ede2eef318113b00d0f`
CRC32	`0A5B3E4A`
ssdeep	`768:V3pCF4c3pCFMCWie3FaUiwL3NGfldqcU:V3pCF4c3pCFMvVaU/6jU`
Yara	Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT PE_Header_Zero - PE File Signature Zero IsPE32 - (no description) IsNET_EXE - (no description) IsWindowsGUI - (no description)

Name	Response	Post-Analysis Lookup
myliverpoolnews.cf

IP Address	Status	Action
164.124.101.2	Active	Moloch
172.217.25.14	Active	Moloch

No Suricata Alerts

No Suricata TLS

host

172.217.25.14

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.36659267
FireEye	Generic.mg.464b0354583dc0d4
McAfee	Artemis!464B0354583D
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan-Downloader ( 0057a7a71 )
K7GW	Trojan-Downloader ( 0057a7a71 )
Cyren	W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.HRX
APEX	Malicious
Avast	Win32:PWSX-gen [Trj]
Kaspersky	HEUR:Backdoor.MSIL.Androm.gen
BitDefender	Trojan.GenericKD.36659267
AegisLab	Trojan.Win32.Malicious.4!c
Ad-Aware	Trojan.GenericKD.36659267
Sophos	Mal/Generic-S
Comodo	.UnclassifiedMalware@0
DrWeb	Trojan.DownloaderNET.154
McAfee-GW-Edition	Artemis!Trojan
SentinelOne	Static AI - Malicious PE
eGambit	Unsafe.AI_Score_94%
Kingsoft	Win32.Hack.Undef.(kcloud)
Microsoft	Trojan:Win32/AgentTesla!ml
GData	Win32.Trojan.Agent.RBHLXP
Cynet	Malicious (score: 100)
MAX	malware (ai score=89)
Malwarebytes	Malware.AI.1829431449
TrendMicro-HouseCall	Trojan.MSIL.ZYX.USMAND821
Rising	Backdoor.Androm!8.113 (CLOUD)
Ikarus	Trojan.MSIL.PSW
Fortinet	MSIL/Kryptik.DNK!tr.dldr
Webroot	W32.Trojan.Gen
AVG	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	Win32/Trojan.Generic.HgIASSUA

IMG_102-05_78_6.pdf