Summary | ZeroBOX

ETL_126_072_60.pdf

AsyncRAT
Category FILE
Machine s1_win7_x6402
Started April 9, 2021, 11:32 a.m.
Completed April 9, 2021, 11:41 a.m.
Size 74.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 f40fb54eac2da697a9511274316c3db9
SHA256 8989b8399cdc3d5e8e2ba46017f574dbdd88abba54c38c79028e5de53622c2e7
CRC32 7BE2007D
ssdeep 768:sPSBdtS1BtSRhVxBmpelqdh9jdKA7HbHCNUkL9bEGflfGflvx/FIwJGun51uNGfJ:0SBdtS1BtSRhjoSMrdO9bXU
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)

Name Response Post-Analysis Lookup
myliverpoolnews.cf
IP Address Status Action
164.124.101.2 Active Moloch
172.217.25.14 Active Moloch
34.102.136.180 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

host 172.217.25.14
host 34.102.136.180
dead_host 192.168.56.102:49840
Elastic malicious (high confidence)
DrWeb Trojan.DownloaderNET.154
MicroWorld-eScan Trojan.GenericKD.46048031
FireEye Generic.mg.f40fb54eac2da697
McAfee Artemis!F40FB54EAC2D
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0057a5de1 )
K7GW Trojan-Downloader ( 0057a5de1 )
Arcabit Trojan.Generic.D2BEA31F
BitDefenderTheta Gen:NN.ZemsilF.34670.em0@auvLdcj
Cyren W32/MSIL_Kryptik.CXK.gen!Eldorado
Symantec Trojan.Gen.2
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.HRW
APEX Malicious
Avast Win32:PWSX-gen [Trj]
Kaspersky HEUR:Trojan.MSIL.PowerShell.gen
BitDefender Trojan.GenericKD.46048031
Paloalto generic.ml
AegisLab Trojan.Win32.Generic.4!c
Tencent Win32.Trojan.Inject.Auto
Ad-Aware Trojan.GenericKD.46048031
Emsisoft Trojan.GenericKD.46048031 (B)
Comodo fls.noname@0
McAfee-GW-Edition Artemis!Trojan
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
Avira TR/Dldr.Agent.rgixj
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Trojan.Win32.Downloader.sa
Microsoft Trojan:Win32/Ymacco.AB89
GData Win32.Trojan.Agent.VV39ET
Cynet Malicious (score: 100)
MAX malware (ai score=84)
Malwarebytes Malware.AI.1829431449
Rising Downloader.Agent!8.B23 (CLOUD)
Ikarus Trojan-Downloader.MSIL.Agent
Fortinet MSIL/Kryptik.DNK!tr.dldr
AVG Win32:PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Win32/Trojan.Generic.HgIASSUA