Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | July 1, 2021, 1:31 p.m. | July 1, 2021, 1:33 p.m. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .text3 |
section | .text2 |
suspicious_features | Connection to IP address | suspicious_request | GET http://160.20.147.250/j.ad |
request | GET http://160.20.147.250/j.ad |
section | {u'size_of_data': u'0x0004c800', u'virtual_address': u'0x00001000', u'entropy': 7.184335391205139, u'name': u'.text', u'virtual_size': u'0x0004c73f'} | entropy | 7.18433539121 | description | A section with a high entropy has been found | |||||||||
entropy | 0.9 | description | Overall entropy of this PE file is high |
host | 160.20.147.250 | |||
host | 172.217.25.14 |
Bkav | W32.AIDetect.malware1 |
Elastic | malicious (high confidence) |
FireEye | Generic.mg.2680d519097273ac |
McAfee | Artemis!2680D5190972 |
Sangfor | Trojan.Win32.Save.a |
Cybereason | malicious.3ce61d |
BitDefenderTheta | Gen:NN.ZexaF.34770.vy1@a0V5VFai |
Symantec | Packed.Generic.459 |
APEX | Malicious |
Paloalto | generic.ml |
Rising | Malware.Heuristic!ET#88% (RDMK:cmRtazqgUy3kWx5iIiSdf1Mwc6l/) |
McAfee-GW-Edition | Artemis!Trojan |
Sophos | ML/PE-A |
SentinelOne | Static AI - Malicious PE |
MaxSecure | Trojan.Malware.300983.susgen |
Antiy-AVL | Trojan/Generic.ASCommon.1BE |
Microsoft | Exploit:Win32/CVE-1999-0016.MR!MTB |
Cynet | Malicious (score: 100) |
Acronis | suspicious |
Ikarus | Trojan.Win32.Crypt |
CrowdStrike | win/malicious_confidence_90% (W) |
Qihoo-360 | HEUR/QVM19.1.47DB.Malware.Gen |