Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	June 17, 2021, 1:17 p.m.	June 17, 2021, 1:24 p.m.

Size	592.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d43338c66b34e2d4e15b090aeb58401c`
SHA256	`3bc33661eae22696045e7b4b1f29344f4c33e53404ddee2f72fd188beea1d865`
CRC32	`FFB7C70B`
ssdeep	`6144:5qyKexVFPv7cWcm1S4GlA9jmHv/VCSY3hw9lMbk6u1QMS0y+lqiHTonWryFDYR3:AyKsIp46A9jmP/uhu/yMS08CkntxYR3`
Yara	Antivirus - Contains references to security software PE_Header_Zero - PE File Signature IsPE32 - (no description) Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet

hope.exe "C:\Users\test22\AppData\Local\Temp\hope.exe"
3972
- cmd.exe cmd.exe /c C:\Users\test22\AppData\Local\Temp\
  5192

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
172.217.25.14	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Queries for the computername (3 events)

Time & API	Arguments	Status	Return
GetComputerNameW June 17, 2021, 1:17 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameA June 17, 2021, 1:17 p.m.	computer_name: TEST22-PC	1	1
GetComputerNameA June 17, 2021, 1:17 p.m.	computer_name: TEST22-PC	1	1

Command line console output was observed (1 event)

Time & API	Arguments	Status	Return	Repeated
WriteConsoleW June 17, 2021, 1:17 p.m.	buffer: 'C:\Users\test22\AppData\Local\Temp\' is not recognized as an internal or external command, operable program or batch file. console_handle: 0x0000000b	1	1	0

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)

Time & API	Arguments	Status	Return	Repeated
GlobalMemoryStatusEx June 17, 2021, 1:17 p.m.		1	1	0

The file contains an unknown PE resource name possibly indicative of a packer (2 events)

resource name	CUSTOM
resource name	SHADO

One or more processes crashed (16 events)

Time & API	Arguments	Status
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1635004 registers.edi: 1635192 registers.eax: 1635004 registers.ebp: 1635084 registers.edx: 0 registers.ebx: 9455192 registers.esi: 1635192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1634744 registers.edi: 9455192 registers.eax: 1634744 registers.ebp: 1634824 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1634956 registers.edi: 9455192 registers.eax: 1634956 registers.ebp: 1635036 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1615308 registers.edi: 9455192 registers.eax: 1615308 registers.ebp: 1615388 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1615308 registers.edi: 9455192 registers.eax: 1615308 registers.ebp: 1615388 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1615388 registers.edi: 9455192 registers.eax: 1615388 registers.ebp: 1615468 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1615280 registers.edi: 9455192 registers.eax: 1615280 registers.ebp: 1615360 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1615100 registers.edi: 9455192 registers.eax: 1615100 registers.ebp: 1615180 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1606628 registers.edi: 9455192 registers.eax: 1606628 registers.ebp: 1606708 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1613348 registers.edi: 9455192 registers.eax: 1613348 registers.ebp: 1613428 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1613348 registers.edi: 9455192 registers.eax: 1613348 registers.ebp: 1613428 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1634744 registers.edi: 9455192 registers.eax: 1634744 registers.ebp: 1634824 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1635216 registers.edi: 9455192 registers.eax: 1635216 registers.ebp: 1635296 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1635328 registers.edi: 9455192 registers.eax: 1635328 registers.ebp: 1635408 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf ProcCallEngine+0x4ce7 __vbaUdtVar-0x1bcd msvbvm60+0x101d44 @ 0x72a41d44 ProcCallEngine+0x2ad __vbaUdtVar-0x6607 msvbvm60+0xfd30a @ 0x72a3d30a IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 hope+0xd2ac @ 0x40d2ac IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 IID_IVbaHost+0x3b77 UserDllMain-0x61740 msvbvm60+0x321b7 @ 0x729721b7 IID_IVbaHost+0x386d UserDllMain-0x61a4a msvbvm60+0x31ead @ 0x72971ead IID_IVbaHost+0x36291 UserDllMain-0x2f026 msvbvm60+0x648d1 @ 0x729a48d1 DLLGetDocumentation+0x25b2 EbGetVBAObject-0xb8f msvbvm60+0xc88e0 @ 0x72a088e0 DLLGetDocumentation+0x2619 EbGetVBAObject-0xb28 msvbvm60+0xc8947 @ 0x72a08947 IID_IVbaHost+0x236f3 UserDllMain-0x41bc4 msvbvm60+0x51d33 @ 0x72991d33 hope+0x4084 @ 0x404084 IID_IVbaHost+0x239f4 UserDllMain-0x418c3 msvbvm60+0x52034 @ 0x72992034 IID_IVbaHost+0x23e5b UserDllMain-0x4145c msvbvm60+0x5249b @ 0x7299249b IID_IVbaHost+0x24027 UserDllMain-0x41290 msvbvm60+0x52667 @ 0x72992667 IID_IVbaHost+0x3b77 UserDllMain-0x61740 msvbvm60+0x321b7 @ 0x729721b7 IID_IVbaHost+0x386d UserDllMain-0x61a4a msvbvm60+0x31ead @ 0x72971ead IID_IVbaHost+0x36291 UserDllMain-0x2f026 msvbvm60+0x648d1 @ 0x729a48d1 IID_IVbaHost+0x418d8 UserDllMain-0x239df msvbvm60+0x6ff18 @ 0x729aff18 BASIC_CLASS_Release+0xfcaa IID_IVbaHost-0xff3d msvbvm60+0x1e703 @ 0x7295e703 BASIC_CLASS_QueryInterface+0xeca EbLoadRunTime-0x13a4 msvbvm60+0x7b3e @ 0x72947b3e ThunRTMain+0x3dd EbCreateContext-0x2e36 msvbvm60+0x3981 @ 0x72943981 ThunRTMain+0x156 EbCreateContext-0x30bd msvbvm60+0x36fa @ 0x729436fa ThunRTMain+0x5c EbCreateContext-0x31b7 msvbvm60+0x3600 @ 0x72943600 hope+0x12a2 @ 0x4012a2 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x773d9ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x773d9ea5 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1635368 registers.edi: 9455072 registers.eax: 1635368 registers.ebp: 1635448 registers.edx: 0 registers.ebx: 4522548 registers.esi: 1635948 registers.ecx: 2	1
__exception__ June 17, 2021, 1:17 p.m.	stacktrace: EbGetHandleOfExecutingProject+0x22b3 rtcPackDate-0xba9 msvbvm60+0xd0dcf @ 0x72a10dcf rtcDoEvents+0x131 __vbaError-0x626 msvbvm60+0xce228 @ 0x72a0e228 exception.instruction_r: c9 c2 10 00 cc cc cc cc cc 8b ff 55 8b ec 56 8b exception.symbol: RaiseException+0x58 CloseHandle-0x9 kernelbase+0xb727 exception.instruction: leave exception.module: KERNELBASE.dll exception.exception_code: 0xc000008f exception.offset: 46887 exception.address: 0x76a7b727 registers.esp: 1636732 registers.edi: 9455192 registers.eax: 1636732 registers.ebp: 1636812 registers.edx: 0 registers.ebx: 9455192 registers.esi: 9455192 registers.ecx: 2	1

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 17, 2021, 1:17 p.m.	process_identifier: 3972 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73772000 process_handle: 0xffffffff	1	0	0

Creates a suspicious process (1 event)

cmdline

cmd.exe /c C:\Users\test22\AppData\Local\Temp\

Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory June 17, 2021, 1:17 p.m.	process_identifier: 3972 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 24576 protection: 32 (PAGE_EXECUTE_READ) base_address: 0x003c0000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00042000', u'virtual_address': u'0x00058000', u'entropy': 7.994936537906446, u'name': u'.rsrc', u'virtual_size': u'0x00041674'}

entropy

7.99493653791

description

A section with a high entropy has been found

entropy

0.448979591837

description

Overall entropy of this PE file is high

Communicates with host for which no DNS query was performed (1 event)

host

172.217.25.14

Disables proxy possibly for traffic interception (1 event)

Time & API	Arguments	Status	Return	Repeated
RegSetValueExA June 17, 2021, 1:17 p.m.	key_handle: 0x000003cc regkey_r: ProxyEnable reg_type: 4 (REG_DWORD) value: 0 regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable	1	0	0

File has been identified by 51 AntiVirus engines on VirusTotal as malicious (50 out of 51 events)

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Johnnie.345085
CAT-QuickHeal	Trojan.Bingoml
McAfee	Trojan-FSDK!D43338C66B34
Cylance	Unsafe
Sangfor	Trojan.Win32.Bingoml.ky
K7AntiVirus	Spyware ( 0000f1581 )
Alibaba	TrojanSpy:Win32/Keylogger.10de3453
K7GW	Spyware ( 0000f1581 )
Cybereason	malicious.8bdadc
Arcabit	Trojan.Johnnie.D543FD
Cyren	W32/Kryptik.CPC.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Spy.KeyLogger.ODN
APEX	Malicious
Avast	Win32:Trojan-gen
ClamAV	Win.Keylogger.Generic-9868679-0
Kaspersky	Trojan.Win32.Bingoml.bvlm
BitDefender	Gen:Variant.Johnnie.345085
NANO-Antivirus	Trojan.Win32.Bingoml.iwbuju
Paloalto	generic.ml
AegisLab	Trojan.Win32.Bingoml.4!c
Ad-Aware	Gen:Variant.Johnnie.345085
Sophos	Mal/Generic-S
DrWeb	Trojan.MulDrop17.51466
Zillya	Trojan.Keylogger.Win32.72831
TrendMicro	TSPY_VBKEYLOG.SM
McAfee-GW-Edition	BehavesLike.Win32.PWSZbot.hh
FireEye	Generic.mg.d43338c66b34e2d4
Emsisoft	Gen:Variant.Johnnie.345085 (B)
SentinelOne	Static AI - Malicious PE
Avira	TR/Dropper.Gen
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Generic.ASMalwS.335A96D
Microsoft	TrojanSpy:Win32/AgentKlog.SW!MTB
GData	Gen:Variant.Johnnie.345085
Cynet	Malicious (score: 100)
BitDefenderTheta	Gen:NN.ZevbaCO.34738.Lm0@a0jGTPmi
ALYac	Gen:Variant.Johnnie.345085
VBA32	TrojanSpy.Keylogger
Malwarebytes	Malware.AI.271029765
TrendMicro-HouseCall	TSPY_VBKEYLOG.SM
Rising	Spyware.KeyLogger!1.D278 (CLASSIC)
Ikarus	Win32.Outbreak
eGambit	Unsafe.AI_Score_98%
Fortinet	W32/KeyLogger.ODN!tr
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win32:Trojan-gen
Panda	Trj/CI.A

hope.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All