vbc.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Oct. 5, 2021, 9:52 a.m. | Oct. 5, 2021, 10:01 a.m. |
-
vbc.exe "C:\Users\test22\AppData\Local\Temp\vbc.exe"
2648
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | C:\tipirupe_tazixalufo.pdb |
| section | {u'size_of_data': u'0x00022c00', u'virtual_address': u'0x00001000', u'entropy': 7.490612791432983, u'name': u'.text', u'virtual_size': u'0x00022b80'} | entropy | 7.49061279143 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.487719298246 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetect.malware2 |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.cb1aa8895db7b559 |
| Cylance | Unsafe |
| Sangfor | Trojan.Win32.Save.a |
| Cybereason | malicious.1985b4 |
| BitDefenderTheta | Gen:NN.ZexaF.34170.rq0@a855u2ci |
| Cyren | W32/Kryptik.EWJ.gen!Eldorado |
| Symantec | ML.Attribute.HighConfidence |
| APEX | Malicious |
| Kaspersky | VHO:Trojan-PSW.Win32.Convagent.gen |
| Rising | Trojan.Generic@ML.100 (RDML:Qe4FKt56BVGlR8JwXvmDAQ) |
| McAfee-GW-Edition | BehavesLike.Win32.MultiPlug.dh |
| SentinelOne | Static AI - Malicious PE |
| eGambit | Unsafe.AI_Score_99% |
| Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
| Cynet | Malicious (score: 100) |
| Acronis | suspicious |
| Ikarus | Trojan-Banker.UrSnif |
| CrowdStrike | win/malicious_confidence_100% (W) |