Category | Machine | Started | Completed
---|---|---|---
FILE | s1_win7_x6401 | April 16, 2021, 6:01 p.m. | April 16, 2021, 6:07 p.m.
Process | Path | PID
---|---|---
TinyTake_v_5_2_19.exe | "C:\Users\test22\AppData\Local\Temp\TinyTake_v_5_2_19.exe" | 2648
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Signature | Detail | Description
---|---|---
section | .vmp0 | Section name indicates VMProtect
section | .vmp1 | Section name indicates VMProtect
section | .vmp1 (virtual_address 0x00b91000, virtual_size 0x00636210, size_of_data 0x00636400, entropy 7.9655) | A section with a high entropy has been found
entropy | 0.9897 | Overall entropy of this PE file is high
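The two static findings above (section names following VMProtect's `.vmp*` convention and a section whose entropy is close to the 8 bits-per-byte ceiling) can be reproduced directly from the PE section table. The Python below is an added example written for this page; it is not the sandbox's own signature code and has nothing to do with TinyTake. It reads the section table with a minimal hand-written parser, computes Shannon entropy per section and over the whole file, and raises the same two flags. The 7.4-bit threshold, the `.vmp` prefix list, and the reading of the report's "overall entropy" value as normalised to the 0..1 range are assumptions; the PE it analyses is a constructed skeleton built inline, not the reported binary.

```python
import math
import random
import struct
from collections import Counter

ENTROPY_THRESHOLD = 7.4        # assumption: flag threshold used here, not necessarily the sandbox's
PACKER_SECTION_PREFIXES = (".vmp",)   # VMProtect-style section names, as flagged in the report


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, max 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe: bytes):
    """Minimal PE section-table reader: [(name, virtual_address, virtual_size, raw_bytes)].

    Reads only the fields needed here; it does not validate the optional header.
    """
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections, = struct.unpack_from("<H", pe, coff + 2)
    size_opt, = struct.unpack_from("<H", pe, coff + 16)
    table = coff + 20 + size_opt          # section headers follow the optional header
    sections = []
    for i in range(num_sections):
        name_raw, vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        name = name_raw.rstrip(b"\0").decode("ascii", "replace")
        sections.append((name, vaddr, vsize, pe[raw_ptr:raw_ptr + raw_size]))
    return sections


def analyse(pe: bytes):
    """Return (overall_entropy_normalised, findings) in the spirit of the report's static checks."""
    findings = []
    for name, vaddr, _vsize, data in parse_sections(pe):
        ent = shannon_entropy(data)
        if ent > ENTROPY_THRESHOLD:
            findings.append(f"section {name} at 0x{vaddr:08x}: entropy {ent:.4f} exceeds {ENTROPY_THRESHOLD}")
        if name.lower().startswith(PACKER_SECTION_PREFIXES):
            findings.append(f"section {name}: name indicates VMProtect")
    overall = shannon_entropy(pe) / 8.0   # assumption: report's 'overall entropy' is H/8, i.e. 0..1
    return overall, findings


def build_sample_pe() -> bytes:
    """Constructed test input, not a real binary: a PE skeleton with a plain .text and a pseudo-random .vmp1."""
    rng = random.Random(2021)
    text = b"hello from .text\0" * 64
    vmp = bytes(rng.getrandbits(8) for _ in range(16384))   # stands in for virtualised/packed code
    sections = [(b".text", text), (b".vmp1", vmp)]
    e_lfanew, size_opt = 0x40, 0          # no optional header; the parser only reads its size field
    headers_end = e_lfanew + 4 + 20 + size_opt + 40 * len(sections)
    first_raw = (headers_end + 0x1FF) & ~0x1FF   # 512-byte file alignment for the first section
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, size_opt, 0x102)
    table, body, vaddr = b"", b"", 0x1000
    for name, data in sections:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), len(data), vaddr,
                             len(data), first_raw + len(body), 0, 0, 0, 0, 0x60000020)
        body += data
        vaddr += (len(data) + 0xFFF) & ~0xFFF
    pe = dos + b"PE\0\0" + coff + table
    return pe + b"\0" * (first_raw - len(pe)) + body


if __name__ == "__main__":
    overall, findings = analyse(build_sample_pe())
    print(f"overall entropy (normalised): {overall:.4f}")
    for f in findings:
        print(f)
```

To run it against a file from disk, call `analyse(open(path, "rb").read())`. High section entropy on its own also matches compressed resources and legitimately packed installers, so both flags are packer indicators, not proof of malicious intent; the report's AV table below is what turns the indicator into a verdict.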
Hosts contacted
---
45.138.27.125
45.85.90.7
Engine | Verdict
---|---
Elastic | malicious (high confidence)
Cylance | Unsafe
Cybereason | malicious.6db594
APEX | Malicious
Avast | Win32:MdeClass
Rising | Malware.Heuristic!ET#77% (RDMK:cmRtazrfphQBIiuXBGJXy8DkQRfP)
FireEye | Generic.mg.6f6ef1b4659a3e47
SentinelOne | Static AI - Malicious PE
Cynet | Malicious (score: 100)
BitDefenderTheta | Gen:NN.ZexaF.34678.@VX@aWW3dae
Malwarebytes | Malware.Heuristic.1003
eGambit | PE.Heur.InvalidSig
AVG | Win32:MdeClass
Process | User-Agent
---|---
TinyTake_v_5_2_19.exe | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36
TinyTake_v_5_2_19.exe | c25iK3H8PkGDL6X614f7
Dead hosts
---
45.138.27.125:80
192.168.56.101:49216