Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	July 15, 2021, 10:03 a.m.	July 15, 2021, 10:13 a.m.

Size	340.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`10d97303ac2177c3cd4e54c9e57a4c53`
SHA256	`923de5fc24a860522375e93ea09e4298e5a1dfaa6a17c61754162aa3d4339bce`
CRC32	`63092F2F`
ssdeep	`6144:IpWMSmgY0IyFpXjsCEqhp3xuo8Pr7Jjc7wPxrC:lHP7LFVst+0oA71+cC`
PDB Path	pdmmgree.pdb
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature

file9.bin "C:\Users\test22\AppData\Local\Temp\file9.bin"
2424

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

pdmmgree.pdb

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section	.rda
section	.data1
section	.m5Fih

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 0 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 0 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 0 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 0 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 1 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 1 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 1 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 1 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 2 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 2 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 2 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 2 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 3 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 3 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 3 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 3 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 4 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 4 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 4 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 4 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 5 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 5 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 5 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 5 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 6 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 6 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 6 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 6 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 7 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 7 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 7 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 7 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 8 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 8 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 8 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 8 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 9 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 9 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 9 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 9 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 10 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 10 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 10 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 10 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 11 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 11 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 exception.symbol: file9+0x4c1c0 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311744 exception.address: 0x44c1c0 registers.esp: 1638124 registers.edi: 18 registers.eax: 11 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 c4 08 exception.symbol: file9+0x4c1c1 exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311745 exception.address: 0x44c1c1 registers.esp: 1638124 registers.edi: 18 registers.eax: 11 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 exception.symbol: file9+0x4c1be exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311742 exception.address: 0x44c1be registers.esp: 1638124 registers.edi: 18 registers.eax: 12 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1
__exception__ July 15, 2021, 10:03 a.m.	stacktrace: file9+0x4c227 @ 0x44c227 RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77799ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77799ea5 exception.instruction_r: cc cc cc 40 eb f2 8b 04 24 64 a3 00 00 00 00 83 exception.symbol: file9+0x4c1bf exception.instruction: int3 exception.module: file9.bin exception.exception_code: 0x80000003 exception.offset: 311743 exception.address: 0x44c1bf registers.esp: 1638124 registers.edi: 18 registers.eax: 12 registers.ebp: 1638276 registers.edx: 2004222168 registers.ebx: 1638238 registers.esi: 4511460 registers.ecx: 0	1

Foreign language identified in PE resource (1 event)

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00056060

size

0x000002fc

The binary likely contains encrypted or compressed data indicative of a packer (3 events)

section

{u'size_of_data': u'0x0004c000', u'virtual_address': u'0x00001000', u'entropy': 7.953667165195198, u'name': u'.rda', u'virtual_size': u'0x0004bfee'}

entropy

7.9536671652

description

A section with a high entropy has been found

section

{u'size_of_data': u'0x00005000', u'virtual_address': u'0x0004e000', u'entropy': 7.326827081710962, u'name': u'.data1', u'virtual_size': u'0x00007ab8'}

entropy

7.32682708171

description

A section with a high entropy has been found

entropy

0.964285714286

description

Overall entropy of this PE file is high

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ July 15, 2021, 10:03 a.m.	tid: 2428 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 34 AntiVirus engines on VirusTotal as malicious (34 events)

Bkav	W32.AIDetect.malware1
Lionic	Trojan.Win32.Bsymem.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.10d97303ac2177c3
McAfee	RDN/Generic.rp
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005485311 )
K7GW	Trojan ( 005485311 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZexaF.34796.vu0@aqvfeEcb
Cyren	W32/Emotet.BCV.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	UDS:DangerousObject.Multi.Generic
Avast	Win32:HacktoolX-gen [Trj]
Sophos	ML/PE-A + Mal/EncPk-APX
McAfee-GW-Edition	BehavesLike.Win32.Ransomware.fc
Webroot	W32.Malware.Gen
Kingsoft	Win32.Heur.KVMH008.a.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
Gridinsoft	Trojan.Heur!.02012021
Acronis	suspicious
Malwarebytes	MachineLearning/Anomalous.100%
TrendMicro-HouseCall	TROJ_GEN.R002H07GE21
Rising	Trojan.Generic@ML.94 (RDML:ctX2WonfkoZB9lEXvMa90w)
SentinelOne	Static AI - Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:HacktoolX-gen [Trj]
Cybereason	malicious.217861
Qihoo-360	Win32/Heur.Generic.HxQBlecA

file9.bin

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All