Summary | ZeroBOX

fax_Documents.zip

Category FILE
Machine s1_win7_x6402
Started May 20, 2021, 4:31 p.m.
Completed May 20, 2021, 4:44 p.m.
Size 97.8KB
Type Zip archive data, at least v2.0 to extract
MD5 e9ab849de3862d15c03f2dc2535a2fe0
SHA256 85bd32821c47bd88811a829c88ec601932613fd5d5b07b2fa3461f7ffcf9682f
CRC32 3E7339C8
ssdeep 3072:tE3KbE5jpqT5zVUcDlKPGkno8VYuSMZXmZ6j/um5g:tT+jITLvUGkohuSuXoM/un
Yara None matched

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.25.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

host 172.217.25.14
Elastic malicious (high confidence)
FireEye IL:Trojan.Targaryen.B
Cylance Unsafe
ESET-NOD32 a variant of MSIL/Spy.Agent.AES
Avast Win32:PWSX-gen [Trj]
ClamAV Win.Packed.Razy-9862812-0
Kaspersky VHO:Trojan-PSW.MSIL.Agensla.gen
BitDefender IL:Trojan.Targaryen.B
DrWeb BackDoor.SpyBotNET.25
Emsisoft IL:Trojan.Targaryen.B (B)
Ikarus Trojan-Spy.Keylogger.AgentTesla
Avira TR/Spy.Gen8
Microsoft PWS:MSIL/DarkStealer!MTB
GData IL:Trojan.Targaryen.B
Cynet Malicious (score: 99)
AhnLab-V3 Infostealer/Win.AgentTesla.R420346
BitDefenderTheta Gen:NN.ZemsilCO.34690.nm0@aKIvVcm
MAX malware (ai score=80)
Malwarebytes Spyware.TelegramBot.TOR
Rising Spyware.Agent!8.C6 (TFE:D:ZkYqOVQUviS)
SentinelOne Static AI - Malicious Archive
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Razy.749950!tr
AVG Win32:PWSX-gen [Trj]