xpt9.png| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | July 22, 2021, 10:15 a.m. | July 22, 2021, 10:16 a.m. |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | {u'size_of_data': u'0x0001ea00', u'virtual_address': u'0x00008000', u'entropy': 7.745949336336516, u'name': u'.rdata', u'virtual_size': u'0x0001ee91'} | entropy | 7.74594933634 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00006200', u'virtual_address': u'0x00027000', u'entropy': 6.886132830096508, u'name': u'.data', u'virtual_size': u'0x00007d80'} | entropy | 6.8861328301 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.837606837607 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetect.malware2 |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.8b8ec117d4cc2eb8 |
| McAfee | Artemis!8B8EC117D4CC |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Symantec | ML.Attribute.HighConfidence |
| APEX | Malicious |
| Paloalto | generic.ml |
| NANO-Antivirus | Virus.Win32.Gen.ccmw |
| Avast | Win32:TrojanX-gen [Trj] |
| Rising | Trojan.Generic@ML.80 (RDML:SPdj8aarMjSQ4/sr1gkJgg) |
| McAfee-GW-Edition | BehavesLike.Win32.Drixed.cc |
| Sophos | ML/PE-A |
| Microsoft | Program:Win32/Wacapew.C!ml |
| Cynet | Malicious (score: 100) |
| Acronis | suspicious |
| BitDefenderTheta | Gen:NN.ZedlaF.34050.lu8@auJk8Spi |
| SentinelOne | Static AI - Suspicious PE |
| eGambit | Unsafe.AI_Score_99% |
| Fortinet | Malicious_Behavior.SB |
| AVG | Win32:TrojanX-gen [Trj] |