Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	May 23, 2022, 4:51 p.m.	May 23, 2022, 4:55 p.m.

Size	304.7KB
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`56631af68a3da74a28cd90356d3fd6d9`
SHA256	`248b9f78cabc04c5eff4f7cc9075eb6abb6cfce86585f5149fa55840fbe36342`
CRC32	`661F88DF`
ssdeep	`6144:Em1c/A6lGGSvIDgIU5BA1gAOt1wKPQFi9ogPfvsF8kbN:pc/A6lGGSvYsPr1wKztPnqbN`
Yara	IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.185520
ALYac	Gen:Variant.Lazy.185520
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HPPO
APEX	Malicious
Kaspersky	HEUR:Trojan.Win32.Bingoml.gen
BitDefender	Gen:Variant.Lazy.185520
Avast	TrojanX-gen [Trj]
Ad-Aware	Gen:Variant.Lazy.185520
Sophos	Generic ML PUA (PUA)
DrWeb	Trojan.PWS.Stealer.32832
FireEye	Generic.mg.56631af68a3da74a
SentinelOne	Static AI - Suspicious PE
MAX	malware (ai score=87)
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Lazy.185520
Cynet	Malicious (score: 100)
Rising	Backdoor.Pandora!8.7729 (TFE:dGZlOgUOkVOfV9sW/g)
BitDefenderTheta	Gen:NN.ZexaF.34682.tuX@aaOTmUmi
AVG	TrojanX-gen [Trj]

update.exe