Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | June 28, 2021, 5:59 p.m. | June 28, 2021, 6:10 p.m. |
vshosts.exe "C:\Users\test22\AppData\Local\Temp\vshosts.exe"
6200
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .gfids |
section | *C (l) |
section | name: *C (l), virtual_address: 0x0076c000, virtual_size: 0x00686fb0, size_of_data: 0x00687000, entropy: 7.963587088816464 | entropy | 7.96358708882 | description | A section with a high entropy has been found |
entropy | 0.970524175984 | description | Overall entropy of this PE file is high |
host | 172.217.25.14 |
host | 185.158.113.59 |
description | vshosts.exe tried to sleep 19097650 seconds, actually delayed analysis time by 19097648 seconds |
Elastic | malicious (high confidence) |
FireEye | Generic.mg.fa0b6d3c4c059a04 |
Cylance | Unsafe |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
Sophos | Generic ML PUA (PUA) |
McAfee-GW-Edition | BehavesLike.Win32.Generic.vc |
Gridinsoft | Trojan.Heur!.02214421 |
Microsoft | Trojan:Win32/Tnega!ml |
AhnLab-V3 | Malware/Win32.Generic.C4290342 |
BitDefenderTheta | Gen:NN.ZexaF.34758.@J0@a8BTE1cG |
Malwarebytes | Malware.AI.3827194098 |
Rising | Malware.Heuristic!ET#92% (RDMK:cmRtazrV7gfZrgWZGJXWiKJcIz6B) |
SentinelOne | Static AI - Suspicious PE |
MaxSecure | Trojan.Malware.300983.susgen |