Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	April 21, 2023, 5:59 p.m.	April 21, 2023, 6:13 p.m.

Size	1.8MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`249e72c284e40f491a40290b0b22fc58`
SHA256	`e74e9eef09f0408bc12122664feab0f172a77bda450290cb2c583a1fb09a18b7`
CRC32	`6293F50F`
ssdeep	`49152:Y1LslvY4A5tOYiFozvPfpiE42OwpJM86LB:Y1OvFA5viFLFIO86`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature Malicious_Library_Zero - Malicious_Library

4496TmGAmszliFaJddlAQYLYCUMW.exe "C:\Users\test22\AppData\Local\Temp\4496TmGAmszliFaJddlAQYLYCUMW.exe"
2548

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

section

_RDATA

MicroWorld-eScan	Trojan.GenericKD.66512328
FireEye	Trojan.GenericKD.66512328
CrowdStrike	win/malicious_confidence_70% (W)
Arcabit	Trojan.Generic.D3F6E5C8
Cynet	Malicious (score: 100)
APEX	Malicious
BitDefender	Trojan.GenericKD.66512328
Avast	FileRepMalware [Misc]
Emsisoft	Trojan.GenericKD.66512328 (B)
F-Secure	Heuristic.HEUR/AGEN.1319430
VIPRE	Gen:Variant.Mikey.146526
McAfee-GW-Edition	BehavesLike.Win64.BrowseFox.th
Webroot	W32.Trojan.Gen
Avira	HEUR/AGEN.1319430
Microsoft	Trojan:Win32/Casdet!rfn
GData	Trojan.GenericKD.66512328
AhnLab-V3	Malware/Win.Generic.C5415278
McAfee	Artemis!249E72C284E4
MAX	malware (ai score=87)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	FileRepMalware [Misc]
DeepInstinct	MALICIOUS

4496TmGAmszliFaJddlAQYLYCUMW.exe