Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	Aug. 5, 2021, 5:39 p.m.	Aug. 5, 2021, 5:50 p.m.

Size	240.7KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`7ce0b9ede7956ce43eed5605c01be944`
SHA256	`235bcc9dd72de0c5ee65fce42857fe4e341915bb53a731efbf5e986f9cdd4434`
CRC32	`C3704560`
ssdeep	`6144:8gDjEcHIBTYYkxm2WNVN4YkOHaoe338IE:8HIfBroVN2meXE`
Yara	UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsPE32 - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

section

{u'size_of_data': u'0x00037000', u'virtual_address': u'0x00001000', u'entropy': 7.621938453091673, u'name': u'.text', u'virtual_size': u'0x000365e0'}

entropy

7.62193845309

description

A section with a high entropy has been found

entropy

0.964912280702

description

Overall entropy of this PE file is high

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.NetWiredRC.m!c
Elastic	malicious (high confidence)
ClamAV	Win.Malware.Generic-9881402-0
Malwarebytes	Trojan.Injector
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	Backdoor:Win32/NetWiredRC.db278d15
K7GW	Trojan ( 0057ffa61 )
K7AntiVirus	Trojan ( 0057ffa61 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Injector.EPVL
TrendMicro-HouseCall	TROJ_GEN.R002H0CH421
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	Backdoor.Win32.NetWiredRC.lrt
Avast	Win32:InjectorX-gen [Trj]
Tencent	Win32.Backdoor.Netwiredrc.Ammi
McAfee-GW-Edition	Artemis!Trojan
FireEye	Generic.mg.7ce0b9ede7956ce4
Sophos	Mal/Generic-S
APEX	Malicious
Webroot	W32.Injector.Gen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
SentinelOne	Static AI - Suspicious PE
McAfee	Artemis!7CE0B9EDE795
Cylance	Unsafe
Rising	Trojan.Injector!1.C6AF (CLASSIC)
eGambit	PE.Heur.InvalidSig
Fortinet	W32/NetWiredRC.LRT!tr.bdr
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win32:InjectorX-gen [Trj]
Cybereason	malicious.c31372
Qihoo-360	Win32/Backdoor.NetWire.HxQBC38A

img32.jpg