Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.19 07:11
4f3200e5324a333579e06e...
11.19 07:11
6e1ed6447607ab4c30b3f3...
11.19 07:11
6e1ed6447607ab4c30b3f3...
11.19 02:11
Potwierdzenie.exe
11.19 02:11
cheet.exe
11.19 02:11
chelentano.exe
11.19 02:11
12.exe
11.19 02:11
caspol.exe
11.19 02:11
gambinho.exe
11.19 02:11
Getdp.exe

Latest News
11.19 10:11
Why shift left alone i...
11.19 10:11
Why shift left alone i...
11.19 10:11
[Control systems] Siem...
11.19 10:11
[UPDATE] [mittel] IBM ...
11.19 10:11
Sicherheitslücke: Azur...
11.19 10:11
[UPDATE] [mittel] Micr...
11.19 10:11
[UPDATE] [hoch] Ubiqui...
11.19 10:11
[UPDATE] [hoch] GNU Em...
11.19 10:11
[UPDATE] [hoch] Apple ...
11.19 10:11
IT Sicherheitsnews stü...

Summary | ZeroBOX

file.zip

ZIP Format

Category	Machine	Started	Completed
FILE	s1_win7_x6402	March 17, 2023, 6:10 p.m.	March 17, 2023, 6:13 p.m.

Size	8.9MB
Type	Zip archive data, at least v2.0 to extract
MD5	`26920d49e119bb1dc4c206aba46c0dcd`
SHA256	`fd7fd6b37b0616c9fbe3b6a5594f1a7142aad78f07b0fd2ec6e60c1b86bdb2dc`
CRC32	`10EA156E`
ssdeep	`196608:zvSdmCIyCK4+NNEdOcTbdKqcfeCbNNWAqjEbDRpTgrPTk3YcfQj:ssy74jR/pyrnqjCNIPY36`
Yara	zip_file_format - ZIP file format

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

Flow	SID	Signature	Category
TCP 175.208.134.153:62996 -> 192.168.56.102:5911	2002911	ET SCAN Potential VNC Scan 5900-5920	Attempted Information Leak

Suricata TLS

No Suricata TLS

File has been identified by 9 AntiVirus engines on VirusTotal as malicious (9 events)

Elastic	malicious (moderate confidence)
Cynet	Malicious (score: 99)
ESET-NOD32	a variant of Win32/Kryptik.HRZC
Kaspersky	HEUR:Trojan.Win32.Kryptik.gen
F-Secure	Heuristic.HEUR/AGEN.1255782
Avira	TR/Dropper.Gen
ZoneAlarm	HEUR:Trojan.Win32.Kryptik.gen
Google	Detected
Ikarus	Trojan.Win32.Crypt