Summary | ZeroBOX

both123.exe

Generic Malware Admin Tool (Sysinternals etc ...) PE32 PE File
Category  Machine        Started                   Completed
FILE      s1_win7_x6401  Aug. 5, 2021, 10:50 a.m.  Aug. 5, 2021, 10:50 a.m.
Size 243.6KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 58a63044fe092b8c6e525cc920c04bc1
SHA256 5e870c6ebc9666619f80ecb157b67de938fe42a7d17533d3705b5464923ff7f1
CRC32 6B743D38
ssdeep 3072:E3brnqR7nyUnkYHuzFrBXnja7mZUZAQ2KoWy8brnyeyMKFRlfrwO+afhLEKBAXU5:E3bTqR7yUkAuz3h/KtdwRl8OxfhNCyN
Yara
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals

Name  Response  Post-Analysis Lookup
No hosts contacted.

IP Address     Status  Action
164.124.101.2  Active  Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

packer  Armadillo v1.71

Lionic             Trojan.Win32.Noon.l!c
Elastic            malicious (high confidence)
FireEye            Generic.mg.58a63044fe092b8c
Cylance            Unsafe
Sangfor            Trojan.Win32.Save.a
CrowdStrike        win/malicious_confidence_80% (W)
BitDefenderTheta   Gen:NN.ZexaF.34058.puZ@aOpGyBoi
Cyren              W32/Injector.AKG.gen!Eldorado
Symantec           ML.Attribute.HighConfidence
ESET-NOD32         a variant of Win32/Kryptik.HLYM
APEX               Malicious
Kaspersky          UDS:Trojan-Spy.Win32.Noon.gen
DrWeb              Trojan.Siggen14.54397
McAfee-GW-Edition  BehavesLike.Win32.Emotet.dc
Sophos             Mal/Generic-R
Kingsoft           Win32.Troj.Undef.(kcloud)
Microsoft          Program:Win32/Wacapew.C!ml
ZoneAlarm          UDS:DangerousObject.Multi.Generic
Cynet              Malicious (score: 100)
McAfee             Artemis!58A63044FE09
VBA32              BScope.Trojan-Dropper.Injector
Rising             Trojan.Kryptik!1.D84E (CLASSIC)
Fortinet           W32/GenKryptik.FIIH!tr
AVG                FileRepMalware
Avast              FileRepMalware
Qihoo-360          HEUR/QVM07.1.0ADB.Malware.Gen