Summary | ZeroBOX

Update.exe

OS Processor Check PE32 PE File
Category FILE
Machine s1_win7_x6401
Started June 24, 2021, 7:25 p.m.
Completed June 24, 2021, 8:48 p.m.
Size 175.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 95d4eaa382bb065dc3902628ba72f070
SHA256 5523754a38cf328d55671e6a46e74e5ed87207d00c04a20b6820f4bf92ad2fc8
CRC32 3B34FD07
ssdeep 3072:DbUrZrU+8VWAb6pGiPt74HGpHJ6Us3cYmwlY2ELOAg0FujryI95eZ:P56pGgsHGTwckvAOvl9I
PDB Path C:\Users\user\Desktop\HVNC-N-master\Release\Client.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch
31.7.63.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Users\user\Desktop\HVNC-N-master\Release\Client.pdb
host 31.7.63.14
dead_host 31.7.63.14:5700
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Trojan.Heur.JP.kuW@ayYTstli
FireEye Generic.mg.95d4eaa382bb065d
ALYac Gen:Trojan.Heur.JP.kuW@ayYTstli
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0055fed21 )
Alibaba Backdoor:Win32/Tinukebot.b70b3338
K7GW Trojan ( 0055fed21 )
Cybereason malicious.382bb0
BitDefenderTheta AI:Packer.A84BEC131F
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Tinukebot.AO
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Backdoor.Win32.Agent.gen
BitDefender Gen:Trojan.Heur.JP.kuW@ayYTstli
Ad-Aware Gen:Trojan.Heur.JP.kuW@ayYTstli
Sophos Mal/Wonton-S
McAfee-GW-Edition BehavesLike.Win32.Dropper.ch
Emsisoft Gen:Trojan.Heur.JP.kuW@ayYTstli (B)
GData Gen:Trojan.Heur.JP.kuW@ayYTstli
Avira HEUR/AGEN.1117031
MAX malware (ai score=89)
ZoneAlarm HEUR:Backdoor.Win32.Agent.gen
Microsoft Trojan:Win32/Glupteba!ml
Cynet Malicious (score: 100)
McAfee RDN/Generic BackDoor
VBA32 BScope.Backdoor.Agent
SentinelOne Static AI - Malicious PE
Fortinet W32/Agent.AO!tr.bdr
MaxSecure Trojan.Malware.300983.susgen
AVG FileRepMalware
Avast FileRepMalware
CrowdStrike win/malicious_confidence_90% (W)