telvm.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | April 5, 2023, 8:41 a.m. | April 5, 2023, 8:44 a.m. |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | |
| section | .themida |
| section | .boot |
| section | {u'size_of_data': u'0x00001e00', u'virtual_address': u'0x00001000', u'entropy': 7.907250063898377, u'name': u' ', u'virtual_size': u'0x00002aef'} | entropy | 7.9072500639 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00000600', u'virtual_address': u'0x00004000', u'entropy': 7.5280483294690805, u'name': u' ', u'virtual_size': u'0x00002084'} | entropy | 7.52804832947 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x0038aa00', u'virtual_address': u'0x00008000', u'entropy': 7.999946428459615, u'name': u' ', u'virtual_size': u'0x004c87f0'} | entropy | 7.99994642846 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00000400', u'virtual_address': u'0x004d1000', u'entropy': 7.770877385442619, u'name': u' ', u'virtual_size': u'0x00000428'} | entropy | 7.77087738544 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00235e00', u'virtual_address': u'0x009c1000', u'entropy': 7.955360306662291, u'name': u'.boot', u'virtual_size': u'0x00235e00'} | entropy | 7.95536030666 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.991930060525 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetectNet.01 |
| Lionic | Trojan.Win32.Convagent.trYj |
| tehtris | Generic.Malware |
| MicroWorld-eScan | Trojan.GenericKD.66230497 |
| McAfee | Artemis!BFC8BBF94EBB |
| Malwarebytes | Malware.Heuristic.1003 |
| CrowdStrike | win/malicious_confidence_90% (W) |
| Arcabit | Trojan.Generic.D3F298E1 |
| Symantec | ML.Attribute.HighConfidence |
| Elastic | malicious (high confidence) |
| ESET-NOD32 | a variant of Win32/Packed.Themida.CL suspicious |
| APEX | Malicious |
| Paloalto | generic.ml |
| Cynet | Malicious (score: 100) |
| Kaspersky | VHO:Trojan-Downloader.Win32.Convagent.gen |
| BitDefender | Trojan.GenericKD.66230497 |
| Avast | Win32:AdwareX-gen [Adw] |
| Emsisoft | Trojan.GenericKD.66230497 (B) |
| VIPRE | Trojan.GenericKD.66230497 |
| McAfee-GW-Edition | BehavesLike.Win32.Dropper.tc |
| Trapmine | malicious.high.ml.score |
| FireEye | Generic.mg.bfc8bbf94ebb09d7 |
| Sophos | Mal/Generic-S |
| SentinelOne | Static AI - Malicious PE |
| MAX | malware (ai score=88) |
| Antiy-AVL | Trojan/Win32.Sabsik |
| Gridinsoft | Ransom.Win32.Sabsik.sa |
| Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
| ZoneAlarm | VHO:Trojan-Downloader.Win32.Convagent.gen |
| GData | Trojan.GenericKD.66230497 |
| Acronis | suspicious |
| Cylance | unsafe |
| Zoner | Probably Heur.ExeHeaderL |
| Rising | Trojan.Generic@AI.100 (RDML:tZOzwxiCsFrER6DBzwBTJg) |
| Fortinet | Riskware/Application |
| AVG | Win32:AdwareX-gen [Adw] |
| DeepInstinct | MALICIOUS |