Summary | ZeroBOX

fw4.exe

Malicious Library, UPX, OS Processor Check, PE32, PE File

Category: FILE
Machine: s1_win7_x6402
Started: Aug. 16, 2021, 10:40 a.m.
Completed: Aug. 16, 2021, 10:48 a.m.
Size: 100.0KB
Type: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: e3e9e202fbe8ddff674ab73c728a7c89
SHA256: d3deba838357bc80db85b39890aa4e44b35ed4376d7ee8a091295be6c100bda7
CRC32: B6622D2B
ssdeep: 3072:oHwBuwTfGDTheHB7Elr82TGGl7phC+LDLH3:oHwcabBANLCKnH3
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)

Name / Response / Post-Analysis Lookup
No hosts contacted.

IP Address / Status / Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API / Arguments / Status / Return / Repeated

NtAllocateVirtualMemory
  process_identifier: 876
  region_size: 20480
  stack_dep_bypass: 0
  stack_pivoted: 0
  heap_dep_bypass: 0
  protection: 64 (PAGE_EXECUTE_READWRITE)
  base_address: 0x00350000
  allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
  process_handle: 0xffffffff
Status: 1
Return: 0
Repeated: 0

Elastic malicious (high confidence)
DrWeb Trojan.Siggen14.54063
MicroWorld-eScan Gen:Variant.Ser.Zusy.3383
ALYac Gen:Variant.Ser.Zusy.3383
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
Alibaba TrojanBanker:Win32/ClipBanker.d0e81a46
BitDefenderTheta Gen:NN.ZexaF.34058.guW@a0iVT8ni
Cyren W32/Kryptik.EVN.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/GenKryptik.FCJH
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Trojan-Banker.Win32.ClipBanker.gen
BitDefender Gen:Variant.Ser.Zusy.3383
Avast Win32:CrypterX-gen [Trj]
Rising Trojan.Generic@ML.97 (RDMK:eICIXZzZ5AdhJVE7p72/Tg)
Ad-Aware Gen:Variant.Ser.Zusy.3383
Sophos Generic ML PUA (PUA)
McAfee-GW-Edition Artemis
FireEye Generic.mg.e3e9e202fbe8ddff
Emsisoft Gen:Variant.Ser.Zusy.3383 (B)
SentinelOne Static AI - Suspicious PE
MAX malware (ai score=81)
Gridinsoft Trojan.Win32.Banker.dd!s1
Microsoft Trojan:Win32/ClipBanker.RT!MTB
ZoneAlarm HEUR:Trojan-Banker.Win32.ClipBanker.gen
GData Gen:Variant.Ser.Zusy.3383
Cynet Malicious (score: 100)
McAfee GenericRXPP-FR!E3E9E202FBE8
VBA32 BScope.Trojan.Fuery
Malwarebytes Trojan.BitCoinMiner
eGambit Unsafe.AI_Score_99%
Fortinet W32/GenKryptik.FFKQ!tr
MaxSecure Trojan.Malware.300983.susgen
AVG Win32:CrypterX-gen [Trj]
Panda Trj/GdSda.A
Qihoo-360 Win32/TrojanSpy.ClipBanker.HgIASaYA