Summary | ZeroBOX

4k4wuzs.exe

Tags: UPX, Malicious Library, Malicious Packer, PE File, OS Processor Check, PE32

Category: FILE
Machine: s1_win7_x6401
Started: April 24, 2023, 8:50 a.m.
Completed: April 24, 2023, 8:52 a.m.
Size 1.2MB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 4073ba4d8574f29731ea77058377abca
SHA256 4467c997fb13fd4fd937244301b0c987bb1658d8010c4858972e619c93722534
CRC32 4AF272DF
ssdeep 12288:0x6rmr3ODZllaC2Xe6TD/bhH9JesrTof37nqQM7Njd6uuQ:0D3RLvPJesnwLn0NdH
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library

Name | Response | Post-Analysis Lookup
No hosts contacted.

IP Address | Status | Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .pa1KC
section .data: size_of_data 0x00050600, virtual_address 0x00037000, virtual_size 0x00051320, entropy 7.991031335324185. Description: A section with a high entropy has been found.
entropy 0.262341901265. Description: Overall entropy of this PE file is high.
Bkav               W32.AIDetect.malware1
Lionic             Trojan.Win32.Stealer.12!c
Elastic            malicious (high confidence)
MicroWorld-eScan   Gen:Variant.Lazy.287537
ALYac              Gen:Variant.Lazy.287537
Sangfor            Trojan.Win32.Save.a
CrowdStrike        win/malicious_confidence_70% (W)
Arcabit            Trojan.Lazy.D46331
Symantec           ML.Attribute.HighConfidence
ESET-NOD32         a variant of Win32/Kryptik.HSKS
APEX               Malicious
Paloalto           generic.ml
Cynet              Malicious (score: 100)
Kaspersky          HEUR:Trojan-Spy.Win32.Stealer.gen
BitDefender        Gen:Variant.Lazy.287537
Avast              Win32:Evo-gen [Trj]
Emsisoft           Gen:Variant.Lazy.287537 (B)
VIPRE              Gen:Variant.Lazy.287537
McAfee-GW-Edition  BehavesLike.Win32.Generic.tt
Trapmine           malicious.high.ml.score
FireEye            Generic.mg.4073ba4d8574f297
Sophos             Mal/Generic-S
SentinelOne        Static AI - Suspicious PE
Webroot            W32.Malware.Gen
MAX                malware (ai score=83)
Microsoft          Backdoor:Win32/DCRAT.JP!MTB
ZoneAlarm          HEUR:Trojan-Spy.Win32.Stealer.gen
GData              Gen:Variant.Lazy.287537
Google             Detected
AhnLab-V3          Trojan/Win.Generic.C5369784
McAfee             Artemis!4073BA4D8574
Cylance            unsafe
Rising             Trojan.Generic@AI.100 (RDML:Cln1ZSgonoQjkoX8O/qjww)
Ikarus             Trojan.Win32.Crypt
MaxSecure          Trojan.Malware.300983.susgen
BitDefenderTheta   Gen:NN.ZexaF.36164.mvW@a8mpZn
AVG                Win32:Evo-gen [Trj]
DeepInstinct       MALICIOUS