qwe.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Nov. 7, 2021, 10:14 a.m. | Nov. 7, 2021, 10:16 a.m. |
-
qwe.exe "C:\Users\test22\AppData\Local\Temp\qwe.exe"
2772
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | C:\sejihifizex34 humugaz.pdb |
| section | .cod |
| resource name | CIDAFICUDUROSOTAROM |
| resource name | VESURAGOSAG |
| resource name | YONAMIKORUFENI |
| section | {u'size_of_data': u'0x00041800', u'virtual_address': u'0x00001000', u'entropy': 7.031228466374225, u'name': u'.text', u'virtual_size': u'0x00041610'} | entropy | 7.03122846637 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.742209631728 | description | Overall entropy of this PE file is high | |||||||||||
| Lionic | Trojan.Win32.Strab.4!c |
| Elastic | malicious (high confidence) |
| FireEye | Generic.mg.85ec477462d74392 |
| Cylance | Unsafe |
| CrowdStrike | win/malicious_confidence_80% (W) |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win32/Kryptik.HNFE |
| Paloalto | generic.ml |
| Kaspersky | UDS:Trojan.Win32.Strab.gen |
| Sophos | Mal/Generic-S |
| Baidu | Win32.Trojan.Kryptik.jm |
| McAfee-GW-Edition | Artemis!Trojan |
| SentinelOne | Static AI - Malicious PE |
| MaxSecure | Trojan.Malware.300983.susgen |
| Kingsoft | Win32.Troj.Undef.(kcloud) |
| Gridinsoft | Trojan.Heur!.00812031 |
| Microsoft | Ransom:Win32/StopCrypt.SL!MTB |
| Cynet | Malicious (score: 100) |
| Acronis | suspicious |
| McAfee | RDN/Strab |
| VBA32 | BScope.Trojan.Sabsik.FL |
| Malwarebytes | Trojan.MalPack.GS |
| Ikarus | Trojan.Agent |
| eGambit | PE.Heur.InvalidSig |
| Fortinet | PossibleThreat.PALLAS.H |