Summary | ZeroBOX

259_1.exe

Malicious Library UPX OS Processor Check PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6403_us May 23, 2022, 4:51 p.m. May 23, 2022, 4:53 p.m.
Size 304.7KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 4f7a427579f50779ecf321f86e06fc29
SHA256 32dbd23da3165e24cca4714f1b822d02f7056fb7bf21e687ae5506109f223b3f
CRC32 A3DBF8AC
ssdeep 6144:gm1IDA6lGGSvIDgIU5BA11AO21r2ZSmuNb3WfG8kbN:VIDA6lGGSvYsOU1r2kOfCbN
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Cylance Unsafe
K7GW Trojan ( 00592f8a1 )
K7AntiVirus Trojan ( 00592f8a1 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Kryptik.HPPO
APEX Malicious
Kaspersky HEUR:Trojan.Win32.Bingoml.gen
BitDefender Gen:Variant.Lazy.185520
MicroWorld-eScan Gen:Variant.Lazy.185520
Avast Win32:TrojanX-gen [Trj]
Ad-Aware Gen:Variant.Lazy.185520
Emsisoft Gen:Variant.Lazy.185520 (B)
DrWeb Trojan.PWS.Stealer.32832
FireEye Generic.mg.4f7a427579f50779
Sophos Generic ML PUA (PUA)
Microsoft Trojan:Script/Phonzy.C!ml
ZoneAlarm HEUR:Trojan.Win32.Bingoml.gen
GData Gen:Variant.Lazy.185520
AhnLab-V3 Trojan/Win.Generic.R493290
ALYac Gen:Variant.Lazy.185520
MAX malware (ai score=87)
Malwarebytes Trojan.MalPack
Rising Backdoor.Pandora!8.7729 (TFE:dGZlOgUOkVOfV9sW/g)
Fortinet W32/Kryptik.HPPO!tr
BitDefenderTheta Gen:NN.ZexaF.34682.tuX@aexQhcii
AVG Win32:TrojanX-gen [Trj]