popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

XNAFrameworkClassLibrary.pdf

AsyncRAT PE32 .NET DLL PE File DLL
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6402 May 13, 2021, 8:20 a.m. May 13, 2021, 8:23 a.m.
Size 133.0KB
Type PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 eac4870e667458a95da0b52ed6457331
SHA256 76811633b8565963f5068026a401e81be79aa146ebf1ed0a8279605ed46e0865
CRC32 47BC9842
ssdeep 3072:34AvxYEFuTSHzX8mh5AFWtnrnsW5lHPpsl/q5YwCnM:34AvxYItnrn55xJE
PDB Path C:\Users\AMD RYZEN 3\Desktop\calmclientandserver\obj\Debug\IsolatedStorage.pdb
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_DLL - (no description)
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Users\AMD RYZEN 3\Desktop\calmclientandserver\obj\Debug\IsolatedStorage.pdb
section .sdata
DrWeb Trojan.InjectNET.14
MicroWorld-eScan Trojan.GenericKD.46277881
ALYac Trojan.GenericKD.46277881
Sangfor Trojan.Win32.Wacatac.B
Alibaba Trojan:MSIL/Injector.f254acf6
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of MSIL/Injector.FPT
Paloalto generic.ml
ClamAV Win.Packed.Trojanx-9818175-0
BitDefender Trojan.GenericKD.46277881
Avast FileRepMalware
Ad-Aware Trojan.GenericKD.46277881
McAfee-GW-Edition Artemis
FireEye Trojan.GenericKD.46277881
Emsisoft Trojan.GenericKD.46277881 (B)
Ikarus Trojan.MSIL.Injector
GData Trojan.GenericKD.46277881
AegisLab Trojan.Win32.Generic.4!c
Microsoft Trojan:Win32/Wacatac.B!ml
McAfee Artemis!EAC4870E6674
MAX malware (ai score=88)
Fortinet MSIL/FPT!tr
AVG FileRepMalware