Summary | ZeroBOX

BIOPASS RAT.exe

Tags: Generic Malware, UPX, PE32, PE File

Category: FILE
Machine: s1_win7_x6401
Started: July 13, 2021, 10:22 a.m.
Completed: July 13, 2021, 10:23 a.m. (about one minute of execution)
Size 44.5KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 eb66dcd416436e0589a4e4db48c6deaf
SHA256 b5a16fb25a6b38547680cbfd3a21cc29621c28c3929e4552bb37834655456977
CRC32 A2D6AFB7
ssdeep 768:71j+R1sS3tYjiCYSEqbKXUFfBj78vXe8Nl:5yBDCYSz2Xcqvx
Yara
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature

DNS Lookups (Name / Response / Post-Analysis Lookup)
No hosts contacted.

Contacted IP Addresses (IP Address / Status)
164.124.101.2 Active

Note: no hostnames were resolved and no Suricata alerts or TLS sessions were recorded, so verify that this IP is not sandbox infrastructure (for example its DNS resolver) before treating it as an indicator of compromise.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Behavior: API Calls (Time & API / Arguments / Status / Return / Repeated)

ShellExecuteExW
  show_type: 0 (SW_HIDE, so the launched program gets no visible window)
  filepath_r: C:\Users\Public\BPS\V2\socketio.exe
  parameters: (empty)
  filepath: C:\Users\Public\BPS\V2\socketio.exe
  Status / Return / Repeated: 0 0

The only recorded behavior is a hidden launch of a second executable from the user-writable C:\Users\Public tree. Together with the Starter labels from Zillya and Kaspersky and ESET's Python/Agent classification, this is consistent with the sample acting as a small loader for a Python-based payload rather than carrying the RAT logic itself; the launched socketio.exe is not covered by this report and is the file to analyze next.
Antivirus Detections (Vendor / Detection)

MicroWorld-eScan Trojan.GenericKD.35368899
McAfee Artemis!EB66DCD41643
Cylance Unsafe
Zillya Trojan.Starter.Win32.44063
Sangfor Trojan.Win32.Save.a
Cybereason malicious.416436
BitDefenderTheta Gen:NN.ZexaF.34790.c0Y@aeKsmzk
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Python/Agent.SF
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:Trojan.Win32.Starter.gen
BitDefender Trojan.GenericKD.35368899
Avast Win32:Malware-gen
Ad-Aware Trojan.GenericKD.35368899
Sophos Mal/Generic-S
Comodo Malware@#1sjf5b5dnwfmg
McAfee-GW-Edition Artemis!Trojan
FireEye Trojan.GenericKD.35368899
Emsisoft Trojan.GenericKD.35368899 (B)
MAX malware (ai score=89)
Microsoft Trojan:Win32/Ymacco.AAB5
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Trojan.GenericKD.35368899
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Win32.Generic.C4246908
VBA32 BScope.Trojan.Wacatac
ALYac Trojan.GenericKD.35368899
Malwarebytes Malware.AI.1756151
TrendMicro-HouseCall TROJ_GEN.R002H0CDN21
Ikarus Win32.Outbreak
MaxSecure Trojan.Malware.1868785.susgen
AVG Win32:Malware-gen