Summary | ZeroBOX

razi.exe

Generic Malware, Malicious Library, PE32, PE File, .NET EXE
Category FILE
Machine s1_win7_x6401
Started Aug. 26, 2021, 8:46 a.m.
Completed Aug. 26, 2021, 8:52 a.m.
Size 932.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b2a06b4fb1811354110a6ff29195744f
SHA256 fe4126564a824b6606937b8fe4a39478da1857e5a38ab9b232c52a9e922b467f
CRC32 DCF8E643
ssdeep 6144:tZeZc8QKJoNrYNIun8E7NXjm4K2XgskvTGWU54M1TdJCiLKD/eIJJJvzV7DssOyx:tZYRR6FM
Yara
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Lionic Trojan.Win32.Mardom.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Trojan.Mardom.IN.14
FireEye Generic.mg.b2a06b4fb1811354
McAfee Artemis!B2A06B4FB181
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
Cybereason malicious.785d9b
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Gen:Trojan.Mardom.IN.14
Avast FileRepMalware
Ad-Aware Gen:Trojan.Mardom.IN.14
Sophos Mal/Generic-R
McAfee-GW-Edition BehavesLike.Win32.Generic.dz
Emsisoft Gen:Trojan.Mardom.IN.14 (B)
SentinelOne Static AI - Malicious PE
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Microsoft Trojan:Win32/Wacatac.B!ml
GData Gen:Trojan.Mardom.IN.14
Cynet Malicious (score: 100)
BitDefenderTheta Gen:NN.ZemsilF.34104.6m0@aCQzTcoi
ALYac Gen:Trojan.Mardom.IN.14
MAX malware (ai score=89)
Malwarebytes Trojan.Injector
TrendMicro-HouseCall TROJ_GEN.R002H09HP21
Ikarus Trojan.Inject
eGambit Unsafe.AI_Score_100%
Fortinet PossibleThreat
AVG FileRepMalware
CrowdStrike win/malicious_confidence_100% (W)