file.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Oct. 1, 2021, 10:17 p.m. | Oct. 1, 2021, 10:31 p.m. |
-
file.exe "C:\Users\test22\AppData\Local\Temp\file.exe"
2388
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | C:\beniwu\pucupawekiy pasibovu\codojifakisi ko.pdb |
| resource name | BUJAHAGIRAMOMEVAXESAB |
| resource name | YOCUSIDIHEBOSIZORIYEPASUGIHAXEDO |
| resource name | None |
| section | {u'size_of_data': u'0x00037200', u'virtual_address': u'0x00001000', u'entropy': 7.778299235705506, u'name': u'.text', u'virtual_size': u'0x00037010'} | entropy | 7.77829923571 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.556818181818 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetect.malware2 |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.69dce54e4a4ae2dd |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| Cybereason | malicious.b32bac |
| BitDefenderTheta | Gen:NN.ZexaF.34170.yq0@aas5FgnO |
| Cyren | W32/Kryptik.EWJ.gen!Eldorado |
| APEX | Malicious |
| Kaspersky | UDS:Trojan.Win32.Zenpak.gen |
| McAfee-GW-Edition | BehavesLike.Win32.Emotet.fc |
| Sophos | ML/PE-A |
| Ikarus | Trojan-Banker.UrSnif |
| Kingsoft | Win32.Troj.Undef.(kcloud) |
| Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
| Cynet | Malicious (score: 100) |
| Acronis | suspicious |
| McAfee | Artemis!69DCE54E4A4A |
| Rising | Trojan.Generic@ML.91 (RDML:xRBFtvwffwxs2x1E5Vahfg) |
| SentinelOne | Static AI - Malicious PE |
| eGambit | Unsafe.AI_Score_98% |
| CrowdStrike | win/malicious_confidence_100% (W) |