Summary | ZeroBOX

WW14.bmp

Tags: UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6401
Started Feb. 5, 2022, 6:28 p.m.
Completed Feb. 5, 2022, 6:30 p.m.
Size 152.5KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 68658cac51a3ee725891799aac339613
SHA256 e96bffaf47466cbe75dcf428e6644292c49af8db919bfbcf6d5797cb0eeef35d
CRC32 0982D22F
ssdeep 3072:57IuMJuuw/nEmsvs6sgErUV9pWCEoevUHuvAHL+fg5WH96R1c/KlO:FDGw/nEHqgW6ptEocUHuvAHLtjcSY
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

name           language      filetype  sublanguage          offset      size
RT_ICON        LANG_NEUTRAL  data      SUBLANG_ARABIC_OMAN  0x000263f0  0x000010a8
RT_GROUP_ICON  LANG_NEUTRAL  data      SUBLANG_ARABIC_OMAN  0x00027498  0x00000014
RT_VERSION     LANG_NEUTRAL  data      SUBLANG_ARABIC_OMAN  0x00026130  0x000002c0
Lionic Trojan.Win32.Generic.lJns
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.48244414
FireEye Trojan.GenericKD.48244414
CAT-QuickHeal Trojan.Zapchast
McAfee GenericRXRO-JN!68658CAC51A3
Cylance Unsafe
Sangfor Trojan.Win32.Zapchast.gen
K7AntiVirus Trojan ( 0058d8c01 )
K7GW Trojan ( 0058d8c01 )
BitDefenderTheta Gen:NN.ZexaF.34182.ju0@aqfO54iO
Cyren W32/Agent.PYSZ-2498
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/TrojanDownloader.Agent.GCL
TrendMicro-HouseCall TROJ_GEN.R002C0WAU22
Kaspersky HEUR:Trojan.Win32.Zapchast.gen
BitDefender Trojan.GenericKD.48244414
Avast Win32:DropperX-gen [Drp]
Tencent Win32.Trojan-downloader.Agent.Wozt
Sophos Mal/Generic-S
Comodo Malware@#jxlj5icm0k38
Zillya Downloader.Agent.Win32.461032
TrendMicro TROJ_GEN.R002C0WAU22
McAfee-GW-Edition GenericRXRO-JN!68658CAC51A3
Emsisoft Trojan.GenericKD.48244414 (B)
Ikarus Trojan-Downloader.Win32.Agent
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Malware.Win32.GenericMC.cc
Microsoft Trojan:Win32/Sabsik!ml
ZoneAlarm HEUR:Trojan.Win32.Zapchast.gen
GData Trojan.GenericKD.48244414
AhnLab-V3 Dropper/Win.Generic.R467245
VBA32 Trojan.Zapchast
ALYac Trojan.GenericKD.48244414
MAX malware (ai score=84)
Malwarebytes Trojan.Downloader
APEX Malicious
Rising Downloader.Agent!8.B23 (CLOUD)
Yandex Trojan.DL.Agent!WkqP6LvoeZ4
Fortinet W32/PossibleThreat
AVG Win32:DropperX-gen [Drp]
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_100% (W)