Summary | ZeroBOX

zxz668%20%282%29.exe

Malicious Library | UPX | OS Processor Check | PE32 | PE File
Category FILE
Machine s1_win7_x6403_us
Started May 2, 2023, 4:40 p.m.
Completed May 2, 2023, 4:43 p.m.
Size 352.1KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 5812c5ec8f81f425d2bc75343e13358d
SHA256 a8a235ab55e16f8f8e31b70ae3ad1fb1e8ac29f705d0801fec83d1bb66c3c622
CRC32 CF7D0950
ssdeep 6144:8ga/FSEyeLXFFWxO9QvIdcDkoD7YEWPt4mj5Mgdz3DNOu6H8PI:8djyeuxbvucDkoD5WP/Dz3DNOu6H9
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 1932
stack_dep_bypass: 1
stack_pivoted: 0
heap_dep_bypass: 1
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x0018f000
process_handle: 0xffffffff
status: 1
return: 0
repeated: 0
Bkav W32.AIDetectMalware
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Jaik.143490
ALYac Gen:Variant.Jaik.143490
ESET-NOD32 a variant of Win32/Kryptik.HTHW
APEX Malicious
Kaspersky VHO:Trojan-PSW.Win32.Convagent.gen
BitDefender Gen:Variant.Jaik.143490
Avast Win32:AdwareX-gen [Adw]
Emsisoft Gen:Variant.Jaik.143490 (B)
VIPRE Gen:Variant.Jaik.143490
Trapmine malicious.moderate.ml.score
FireEye Gen:Variant.Jaik.143490
GData Gen:Variant.Jaik.143490
MAX malware (ai score=87)
Arcabit Trojan.Jaik.D23082
ZoneAlarm VHO:Trojan-PSW.Win32.Convagent.gen
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Google Detected
Cylance unsafe
Rising Trojan.Generic@AI.87 (RDMK:cmRtazqDkYLD5NFXHSJPwduP8DtH)
Ikarus Trojan.Win32.Crypt
MaxSecure PSW.W32.Coins.gen_265938
AVG Win32:AdwareX-gen [Adw]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_90% (W)