Summary | ZeroBOX

stl.exe

UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6401
Started Sept. 7, 2021, 7:01 p.m.
Completed Sept. 7, 2021, 7:19 p.m.
Size 2.4MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 66a8fb0b8be4768c062c24b7313a457a
SHA256 1d447531015f2866dd25e5dca113d248c5249ab2aec84c522bfd63c946951539
CRC32 427A330A
ssdeep 49152:PR07qT3aGPs8xDvWBrS0tPTXYOLnAXLemMJFr:PR07WaGDpWBrR1XYOsX
PDB Path F:\High End\stealer\Release\stealer.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path F:\High End\stealer\Release\stealer.pdb
section name .text, virtual_address 0x00001000, virtual_size 0x001e803f, size_of_data 0x001e8200, entropy 6.842923495907589 description A section with a high entropy has been found
entropy 0.785872408935 description Overall entropy of this PE file is high
Bkav W32.GucarsiRT.Trojan
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
FireEye Generic.mg.66a8fb0b8be4768c
CAT-QuickHeal Trojanpws.Greedy
McAfee Artemis!66A8FB0B8BE4
Cylance Unsafe
Zillya Trojan.Agent.Win32.2306392
K7AntiVirus Spyware ( 0057be171 )
Alibaba TrojanPSW:Win32/Greedy.80a3f5e8
K7GW Spyware ( 0057be171 )
Cyren W32/Trojan.NHUY-4735
Symantec ML.Attribute.HighConfidence
ESET-NOD32 Win32/Spy.Agent.QCM
APEX Malicious
Kaspersky HEUR:Trojan-PSW.Win32.Greedy.gen
BitDefender Trojan.GenericKD.46596548
MicroWorld-eScan Trojan.GenericKD.46596548
Avast Win32:Malware-gen
Ad-Aware Trojan.GenericKD.46596548
Emsisoft Trojan.GenericKD.46596548 (B)
F-Secure Trojan.TR/AD.Injector.tqpzt
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R002C0WGA21
McAfee-GW-Edition BehavesLike.Win32.Worm.vh
Sophos Mal/Generic-S
Jiangmin Trojan.PSW.Greedy.d
Avira TR/AD.Injector.tqpzt
MAX malware (ai score=88)
Kingsoft Win32.PSWTroj.Undef.(kcloud)
Gridinsoft Trojan.Win32.Downloader.ns
Microsoft Trojan:Win32/Glupteba!ml
ViRobot Trojan.Win32.Z.Greedy.2545152
ZoneAlarm HEUR:Trojan-PSW.Win32.Greedy.gen
GData Trojan.GenericKD.46596548
AhnLab-V3 Trojan/Win.Generic.C4545870
ALYac Trojan.GenericKD.46596548
VBA32 TrojanPSW.Greedy
Malwarebytes Spyware.PasswordStealer
TrendMicro-HouseCall TROJ_GEN.R002C0WGA21
Tencent Win32.Trojan-qqpass.Qqrob.Wpto
Ikarus Trojan.Injector
MaxSecure Trojan.Malware.118387334.susgen
Fortinet W32/Greedy!tr.pws
AVG Win32:Malware-gen
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_100% (W)