10r3.exe

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.gfids

The binary likely contains encrypted or compressed data indicative of a packer (3 events)

section	{u'size_of_data': u'0x00005400', u'virtual_address': u'0x0000e000', u'entropy': 7.728914838630295, u'name': u'.rdata', u'virtual_size': u'0x0000531e'}				entropy	7.72891483863				description	A section with a high entropy has been found
section	{u'size_of_data': u'0x00005800', u'virtual_address': u'0x00014000', u'entropy': 7.9439277584380195, u'name': u'.data', u'virtual_size': u'0x00005d20'}				entropy	7.94392775844				description	A section with a high entropy has been found
entropy	0.263803680982				description	Overall entropy of this PE file is high

Communicates with host for which no DNS query was performed (1 event)

host	172.217.25.14

File has been identified by 26 AntiVirus engines on VirusTotal as malicious (26 events)

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Razy.859016
ALYac	Trojan.Agent.Bazar
Sangfor	Riskware.Win32.Wacapew.C
BitDefender	Gen:Variant.Razy.859016
Symantec	Trojan.Gen.2
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan.Win64.Zenpak.ki
Avast	FileRepMetagen [Malware]
Rising	Trojan.Zenpak!8.10372 (CLOUD)
Ad-Aware	Gen:Variant.Razy.859016
Emsisoft	Gen:Variant.Razy.859016 (B)
McAfee-GW-Edition	BehavesLike.Win64.CoinMiner.ch
FireEye	Generic.mg.ffdff96a587983de
GData	Gen:Variant.Razy.859016
Webroot	W32.Malware.Gen
MAX	malware (ai score=86)
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
McAfee	RDN/Bazarcall
Fortinet	W32/PossibleThreat
AVG	FileRepMetagen [Malware]
CrowdStrike	win/malicious_confidence_80% (W)
Qihoo-360	Win64/Trojan.Zenpak.HgEASSYA