Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Jan. 19, 2023, 12:35 p.m. | Jan. 19, 2023, 12:38 p.m. |
-
svcrun.exe "C:\Users\test22\AppData\Local\Temp\svcrun.exe"
1872
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
resource name | PNG |
resource name | REGISTRY |
resource name | TEXTFILE |
resource name | TYPELIB |
section | {u'size_of_data': u'0x00098800', u'virtual_address': u'0x000e2000', u'entropy': 7.5830254398484405, u'name': u'.rsrc', u'virtual_size': u'0x0009864c'} | entropy | 7.58302543985 | description | A section with a high entropy has been found | |||||||||
section | {u'size_of_data': u'0x00107400', u'virtual_address': u'0x0017c000', u'entropy': 7.999786638152722, u'name': u'.data', u'virtual_size': u'0x00107400'} | entropy | 7.99978663815 | description | A section with a high entropy has been found | |||||||||
entropy | 1.0 | description | Overall entropy of this PE file is high |
McAfee | Artemis!CA7512057005 |
Cylance | Unsafe |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 100) |
APEX | Malicious |
Avast | CoinminerX-gen [Trj] |
McAfee-GW-Edition | BehavesLike.Win64.Generic.tc |
Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
Detected | |
AhnLab-V3 | Trojan/Win.Agent.R543531 |
Zoner | Probably Heur.ExeHeaderL |
Rising | Spyware.Bobik!8.108FF (TFE:1:uv5VD15mg9I) |
Ikarus | Trojan.Win32.Generic |
AVG | CoinminerX-gen [Trj] |
CrowdStrike | win/malicious_confidence_90% (D) |