Summary | ZeroBOX

kavach-2-instructions.zip

Category FILE
Machine s1_win7_x6401
Started July 26, 2021, 6:46 p.m.
Completed July 26, 2021, 6:48 p.m.
Size 265.5KB
Type Zip archive data, at least v2.0 to extract
MD5 683eb3faa426e0bbd55726b875858bc6
SHA256 b4c0f24a860f14b7a7360708a4aee135bf1a24d730d7794bc55e53a31a0e57a5
CRC32 17E25C56
ssdeep 6144:9B/LVKUBWEJzUCvGYS9CNWwpM/QznouilgTFSvwVpS:vJ7BdJIC+yzEq1S
Yara None matched

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Lionic Trojan.Win32.Badur.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Doina.18418
CAT-QuickHeal Trojan.Badur
ALYac Gen:Variant.Doina.18418
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7GW Riskware ( 0040eff71 )
K7AntiVirus Riskware ( 0040eff71 )
Arcabit Trojan.Doina.D47F2
BitDefenderTheta Gen:NN.ZexaF.34050.wu0@a0uvfOii
Cyren W32/Trojan.CTFT-6487
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent.FTH
TrendMicro-HouseCall TrojanSpy.Win32.TRICKBOT.SMC
Avast Win32:Trojan-gen
Kaspersky UDS:Trojan.Win32.Badur
BitDefender Gen:Variant.Doina.18418
Sophos Mal/BredoZp-B
TrendMicro TrojanSpy.Win32.TRICKBOT.SMC
McAfee-GW-Edition BehavesLike.Trojan.dc
FireEye Gen:Variant.Doina.18418
Emsisoft Gen:Variant.Doina.18418 (B)
SentinelOne Static AI - Malicious Archive
Jiangmin Trojan.Badur.fr
MAX malware (ai score=86)
Gridinsoft Suspicious_WebDownload.bot!yf
Microsoft Trojan:Win32/Glupteba!ml
GData Gen:Variant.Doina.18418
AhnLab-V3 Trojan/Win.TRICKBOT.C4553710
McAfee RDN/Generic PWS.y
VBA32 Trojan.Badur
Malwarebytes Malware.AI.334160484
Ikarus Trojan-Downloader.Win32.Agent
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/TrojanSpy_Win32_TRICKBOT.SMC
AVG Win32:Trojan-gen
Panda Trj/GdSda.A