Summary | ZeroBOX

SLAC-Setup.exe

Generic Malware PWS PE32 .NET EXE PE File
Category FILE
Machine s1_win7_x6401
Started July 4, 2021, 11:01 a.m.
Completed July 4, 2021, 11:03 a.m.
Size 2.6MB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 27352c5e2e0505c4a1bd198ed094915f
SHA256 04c19ebccce07f0be770b035d2ce497ef4d30f1b5cb33b76df67dba434638533
CRC32 124E19C8
ssdeep 49152:EMwFasfT/T3WlOa2HMd+O+iux0818WZHEbhMWR1rKMaZ1lG/MTG1OuEK:hCPr/TJO+iuX18W1auS1rK91lVGlT
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
section .ndata
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 2648
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x729d2000
process_handle: 0xffffffff
1 0 0
Time & API Arguments Status Return Repeated

GetDiskFreeSpaceExW

total_number_of_free_bytes: 13725622272
free_bytes_available: 13725622272
root_path: C:\Users\test22\AppData\Local\Temp
total_number_of_bytes: 34252779520
1 1 0

GetDiskFreeSpaceExW

total_number_of_free_bytes: 13725622272
free_bytes_available: 13725622272
root_path: C:\Users\test22\AppData\Local\Temp
total_number_of_bytes: 34252779520
1 1 0
file C:\Users\test22\AppData\Local\Temp\SLAC-Updater.exe
file C:\Users\test22\AppData\Local\Temp\SLAC.exe
Bkav W32.AIDetect.malware1
MicroWorld-eScan Trojan.GenericKD.37170444
FireEye Trojan.GenericKD.37170444
ALYac Trojan.GenericKD.37170444
Sangfor Trojan.Win32.Wacatac.B
Alibaba TrojanSpy:Win32/Generic.86fa7712
Arcabit Trojan.Generic.D2372D0C
BitDefenderTheta Gen:NN.ZemsilF.34790.In0@aW3fCVb
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:TrojanX-gen [Trj]
BitDefender Trojan.GenericKD.37170444
Paloalto generic.ml
Emsisoft Trojan.GenericKD.37170444 (B)
McAfee-GW-Edition BehavesLike.Win32.Generic.vc
Sophos Mal/Generic-S
eGambit Unsafe.AI_Score_95%
Avira TR/Spy.Gen
MAX malware (ai score=81)
Microsoft Trojan:Win32/Glupteba!ml
AegisLab Trojan.Win32.Generic.4!c
GData Trojan.GenericKD.37170444
Cynet Malicious (score: 100)
McAfee Artemis!27352C5E2E05
VBA32 CIL.HeapOverride.Heur
Malwarebytes Malware.AI.4280579003
Tencent Win32.Trojan.Spy.Hprx
Ikarus Trojan.Spy
Fortinet Malicious_Behavior.SB
AVG Win32:TrojanX-gen [Trj]