sefile.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Aug. 12, 2021, 9:29 a.m. | Aug. 12, 2021, 9:31 a.m. |
-
sefile.exe "C:\Users\test22\AppData\Local\Temp\sefile.exe"
732
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | C:\zotat_pihigikebidug_goranuz82_tukow\87\sogu82.pdb |
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e218 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e218 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e218 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e218 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e218 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e218 | size | 0x00000468 | ||||||||||||||||||
| name | RT_GROUP_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SINGAPORE | offset | 0x0050e680 | size | 0x0000005a | ||||||||||||||||||
| section | {u'size_of_data': u'0x00022a00', u'virtual_address': u'0x00034000', u'entropy': 7.890620360056609, u'name': u'.data', u'virtual_size': u'0x004d6468'} | entropy | 7.89062036006 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.357881136951 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetect.malware1 |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.9008fe6b62bc7b92 |
| McAfee | Artemis!9008FE6B62BC |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Symantec | ML.Attribute.HighConfidence |
| APEX | Malicious |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| Rising | Trojan.Kryptik!1.C6FC (CLASSIC) |
| McAfee-GW-Edition | BehavesLike.Win32.MultiPlug.fh |
| Sophos | ML/PE-A |
| SentinelOne | Static AI - Malicious PE |
| eGambit | Unsafe.AI_Score_98% |
| Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
| Cynet | Malicious (score: 100) |
| Acronis | suspicious |
| BitDefenderTheta | Gen:NN.ZexaF.34058.yuW@a8DN6viH |
| Ikarus | Trojan.Win32.Crypt |
| Cybereason | malicious.4ab7c6 |
| Qihoo-360 | HEUR/QVM10.1.34CF.Malware.Gen |