| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6402 | June 14, 2021, 8:15 p.m. | June 14, 2021, 8:32 p.m. |
| Process | Path | PID |
|---|---|---|
| ConsoleAa16.exe | C:\Users\test22\AppData\Local\Temp\ConsoleAa16.exe | 4744 |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| Check | Description | Details |
|---|---|---|
| Section entropy | A section with a high entropy has been found | section `.text`: size_of_data 0x0003e400, virtual_address 0x00002000, virtual_size 0x0003e3f4, entropy 7.959037828168682 |
| File entropy | Overall entropy of this PE file is high | entropy 0.930841121495 |

| Rule | Description |
|---|---|
| DebuggerCheck__GlobalFlags | (no description) |
| DebuggerCheck__QueryInfo | (no description) |
| DebuggerHiding__Thread | (no description) |
| DebuggerHiding__Active | (no description) |
| ThreadControl__Context | (no description) |
| SEH__vectored | (no description) |
| anti_dbg | Checks if being debugged |
| disable_dep | Bypass DEP |
| Host |
|---|
| 136.144.41.233 |
| 172.217.25.14 |
| Engine | Detection |
|---|---|
| FireEye | Generic.mg.9f6f8cb5647da0fc |
| McAfee | Artemis!9F6F8CB5647D |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| K7AntiVirus | Trojan ( 0057df2d1 ) |
| K7GW | Trojan ( 0057df2d1 ) |
| Cyren | W32/MSIL_Agent.BCR.gen!Eldorado |
| ESET-NOD32 | a variant of MSIL/Kryptik.ABLH |
| Avast | FileRepMalware |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| Paloalto | generic.ml |
| DrWeb | Trojan.PackedNET.835 |
| McAfee-GW-Edition | Artemis!Trojan |
| SentinelOne | Static AI - Malicious PE |
| Sophos | Mal/Generic-S |
| APEX | Malicious |
| eGambit | PE.Heur.InvalidSig |
| Kingsoft | Win32.Troj.Generic_a.a.(kcloud) |
| Microsoft | Trojan:Win32/Wacatac.B!ml |
| ZoneAlarm | UDS:DangerousObject.Multi.Generic |
| Cynet | Malicious (score: 100) |
| Malwarebytes | MachineLearning/Anomalous.95% |
| AVG | FileRepMalware |
| CrowdStrike | win/malicious_confidence_90% (W) |
| Dead host |
|---|
| 136.144.41.233:80 |