Summary | ZeroBOX

file.zip

ZIP Format
Category: FILE
Machine: s1_win7_x6402
Started: March 16, 2023, 2:27 p.m.
Completed: March 16, 2023, 2:29 p.m.
Size: 5.0MB
Type: Zip archive data, at least v2.0 to extract
MD5: 1701259e39636d400dd1f48f633c98be
SHA256: 4ee078115b0531fd29eb6f47210f11e41368439479f7ed38ff90c92ee510af09
CRC32: D30E8A4D
ssdeep: 98304:sBqNzf7Vul7evd23XDCIDi/2KYRiY5SUTCRlkdGPN6b1EEis5nL0k:sBqNzeeUnWT/2KYRiYkbRudGPZsFLj
Yara
  • zip_file_format - ZIP file format

Name    Response    Post-Analysis Lookup
No hosts contacted.

IP Address       Status    Action
164.124.101.2    Active    Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Renos.22
FireEye Gen:Variant.Renos.22
Malwarebytes Trojan.Crypt.Generic
Sangfor Trojan.Win32.Save.a
Arcabit Trojan.Renos.22
BitDefenderTheta Gen:NN.ZexaF.36344.@BW@aycMi8n
ESET-NOD32 a variant of Win32/TrojanDownloader.Satacom.AD
Avast Win32:Evo-gen [Trj]
Cynet Malicious (score: 99)
Kaspersky UDS:Trojan-Downloader.Win32.Satacom
BitDefender Gen:Variant.Renos.22
NANO-Antivirus Virus.Win32.Gen.ccmw
Sophos Generic ML PUA (PUA)
VIPRE Gen:Variant.Renos.22
Emsisoft Gen:Variant.Renos.22 (B)
SentinelOne Static AI - Malicious Archive
Avira TR/Crypt.XPACK.Gen
MAX malware (ai score=86)
Microsoft Program:Win32/Wacapew.C!ml
GData Gen:Variant.Renos.22
AhnLab-V3 Trojan/Win.Generic.C5394783
Acronis suspicious
VBA32 BScope.Trojan.Wacatac
Zoner Probably Heur.ExeHeaderL
Rising Trojan.Generic!8.C3 (TFE:5:Do2zKLf90yG)
MaxSecure Trojan.Malware.300983.susgen
AVG Win32:Evo-gen [Trj]