Summary | ZeroBOX

AnyDesk.exe

Tags: UPX, Malicious Packer, PWS, PE File, OS Processor Check, PE32, .NET EXE
Category FILE
Machine s1_win7_x6403_us
Started Oct. 3, 2022, 9:44 a.m.
Completed Oct. 3, 2022, 9:49 a.m.
Size 58.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 7f2717a61bf9954670ea7c947815816e
SHA256 15d3ee4efbe7c1ebc998c69f2d6902fb26387c83dc49e41f54c2946c420120c1
CRC32 EF8AF346
ssdeep 1536:4uyRNTAGo2W93pXGyb9Z5dqPPnHbJdRaMb:4uy/TAGo2U3pXGyb9ZiPvHbJjaMb
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • UPX_Zero - UPX packed file
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • Malicious_Packer_Zero - Malicious Packer

Name, Response, Post-Analysis Lookup: No hosts contacted.
IP Address, Status, Action: No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectNet.01
Elastic malicious (high confidence)
MicroWorld-eScan IL:Trojan.MSILZilla.16844
CAT-QuickHeal Backdoor.MsilFC.S13564499
McAfee Fareit-FZT!7F2717A61BF9
Cylance Unsafe
VIPRE IL:Trojan.MSILZilla.16844
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 005678321 )
K7GW Trojan ( 005678321 )
CrowdStrike win/malicious_confidence_70% (D)
Arcabit IL:Trojan.MSILZilla.D41CC
Cyren W32/Samas.B.gen!Eldorado
ESET-NOD32 a variant of MSIL/Agent.CFQ
Cynet Malicious (score: 100)
APEX Malicious
ClamAV Win.Packed.Razy-9625918-0
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
BitDefender IL:Trojan.MSILZilla.16844
Avast Win32:DropperX-gen [Drp]
Tencent Trojan.Msil.Agent.zap
Ad-Aware IL:Trojan.MSILZilla.16844
Emsisoft IL:Trojan.MSILZilla.16844 (B)
DrWeb Trojan.Siggen9.56514
McAfee-GW-Edition Fareit-FZT!7F2717A61BF9
FireEye Generic.mg.7f2717a61bf99546
Sophos ML/PE-A + Mal/Agent-AVM
Ikarus Trojan.MSIL.Agent
Jiangmin Backdoor.MSIL.cxnh
Avira HEUR/AGEN.1202835
Antiy-AVL Trojan/Generic.ASMalwS.3
Microsoft Backdoor:MSIL/AsyncRat.AD!MTB
GData MSIL.Trojan.PSE.1DMM7H0
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.C3546893
Acronis suspicious
VBA32 OScope.Backdoor.MSIL.Crysan
ALYac IL:Trojan.MSILZilla.16844
MAX malware (ai score=88)
Malwarebytes Generic.Trojan.Malicious.DDS
Rising Trojan.AntiVM!1.CF63 (CLASSIC)
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/CoinMiner.CFQ!tr
BitDefenderTheta Gen:NN.ZemsilF.34698.dm0@a8O@b2h
AVG Win32:DropperX-gen [Drp]
Cybereason malicious.61bf99