Summary | ZeroBOX

System.exe

UPX, Malicious Library, OS Processor Check, PE64, PE File
Category FILE
Machine s1_win7_x6401
Started Nov. 11, 2021, 6:01 p.m.
Completed Nov. 11, 2021, 6:25 p.m.
Size 377.0KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 02b8cb8730c406478b6dc0443e3fa25a
SHA256 d7322d2705ab994d8769ca74cb6e109018d07afd764393ad89354d8ee98da914
CRC32 20D9B030
ssdeep 6144:+PhXAdE12Fxdv/Fp+SetZ7U63wNIuS1RjcyJMpwjblZmN2tvgWxOV5/KDlT3bn5V:+1AdE12FDFkj0pwjbeUtvgOO
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

file C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk
Lionic Trojan.Win32.ClipBanker.trUq
MicroWorld-eScan Gen:Variant.Razy.988323
FireEye Gen:Variant.Razy.988323
McAfee Artemis!02B8CB8730C4
Symantec Trojan.Gen.2
ESET-NOD32 a variant of Win64/ClipBanker.Z
Kaspersky UDS:Trojan-Banker.Win32.ClipBanker
BitDefender Gen:Variant.Razy.988323
Avast Win64:BankerX-gen [Trj]
Ad-Aware Gen:Variant.Razy.988323
McAfee-GW-Edition Artemis!Trojan
Emsisoft Gen:Variant.Razy.988323 (B)
Ikarus Trojan.Win64.Clipbanker
Antiy-AVL Trojan/Generic.ASMalwS.34C1C50
Gridinsoft Ransom.Win64.Banker.oa!s1
Microsoft Trojan:Win32/Wacatac.B!ml
GData Gen:Variant.Razy.988323
Cynet Malicious (score: 100)
ALYac Gen:Variant.Razy.988323
MAX malware (ai score=88)
Malwarebytes Malware.AI.4247874967
TrendMicro-HouseCall TROJ_GEN.R002H0CK621
Webroot W32.Yakes.Crzn
AVG Win64:BankerX-gen [Trj]