Summary | ZeroBOX

vbc.exe

PE32 PE File
Category FILE
Machine s1_win7_x6402
Started June 2, 2021, 9:38 a.m.
Completed June 2, 2021, 9:40 a.m.
Size 308.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 541369bff43470b5cb1056745b7eec92
SHA256 eb10ac373436166f7ca87d90b23d05247fcec78e9c791a454e68a17e29fdf54c
CRC32 08E40C4D
ssdeep 6144:zYFh5QZY/sBI2/AVFPosKZGN36DIKRdkCVsS13o3EQxH41I+iIy2ttd0fjtKpsS1:cFPJkBTAVFPosKZGN36DIKRdkCVsS13T
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.25.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

host 172.217.25.14
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.37015770
FireEye Generic.mg.541369bff43470b5
ALYac Trojan.VBKrypt.gen
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
Alibaba Trojan:Win32/Injector.5d6dee42
Cyren W32/VBKrypt.AVO.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Injector.EPLI
APEX Malicious
Avast Win32:Malware-gen
BitDefender Trojan.GenericKD.37015770
Paloalto generic.ml
ViRobot Trojan.Win32.Z.Vbkrypt.315392.H
Ad-Aware Trojan.GenericKD.37015770
DrWeb Trojan.VbCrypt.2295
McAfee-GW-Edition BehavesLike.Win32.Trojan.fm
Emsisoft Trojan.GenericKD.37015770 (B)
Ikarus Trojan.Win32.Injector
Webroot W32.Malware.Gen
MAX malware (ai score=99)
Gridinsoft Trojan.Win32.Downloader.oa
Microsoft Trojan:Win32/GuLoader.KB!MTB
AegisLab Trojan.Win32.Generic.4!c
GData Trojan.GenericKD.37015770
Cynet Malicious (score: 100)
AhnLab-V3 Win-Trojan/VBKrypt.RP08.X1976
McAfee RDN/Generic.hbg
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Injector.EPLI!tr
BitDefenderTheta Gen:NN.ZevbaF.34692.tm0@a8dz2RhG
AVG Win32:Malware-gen
CrowdStrike win/malicious_confidence_60% (W)