vbc.bin| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Aug. 25, 2021, 11 p.m. | Aug. 25, 2021, 11 p.m. |
-
vbc.bin "C:\Users\test22\AppData\Local\Temp\vbc.bin"
2216
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| a.uguu.se | 144.76.201.136 |
Suricata Alerts
| Flow | SID | Signature | Category |
|---|---|---|---|
| TCP 144.76.201.136:443 -> 192.168.56.101:49202 | 2029340 | ET INFO TLS Handshake Failure | Potentially Bad Traffic |
| TCP 192.168.56.101:49198 -> 144.76.201.136:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
| TCP 192.168.56.101:49201 -> 144.76.201.136:443 | 906200056 | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) | undefined |
Suricata TLS
No Suricata TLS
| section | {u'size_of_data': u'0x00054200', u'virtual_address': u'0x0008c000', u'entropy': 7.937159861876598, u'name': u'UPX1', u'virtual_size': u'0x00055000'} | entropy | 7.93715986188 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.91689373297 | description | Overall entropy of this PE file is high | |||||||||||
| section | UPX0 | description | Section name indicates UPX | ||||||
| section | UPX1 | description | Section name indicates UPX | ||||||
| Bkav | W32.AIDetect.malware2 |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.24c4788a737cda14 |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| Cyren | W32/AutoIt.TA.gen!Eldorado |
| APEX | Malicious |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.fc |
| Sophos | Generic ML PUA (PUA) |
| eGambit | Unsafe.AI_Score_99% |
| ZoneAlarm | UDS:DangerousObject.Multi.Generic |
| Cynet | Malicious (score: 100) |
| Malwarebytes | Malware.Heuristic.1003 |
| MaxSecure | Trojan.Malware.300983.susgen |
| Webroot | Pua.Yukleyici |
| Cybereason | malicious.c300fc |