Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	May 11, 2023, 6:35 p.m.	May 11, 2023, 6:50 p.m.

Size	170.6KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`c6db01a5743d408fc4f0c37ba58a281f`
SHA256	`55130719554a0b3dcbf971c646e6e668b663b796f4be09816d405cc15a16d7d6`
CRC32	`DB3284B5`
ssdeep	`3072:EwJ52Y7ZoH5XJaqKz8HIoLmM4jmrn+tt6JnShq3U2IAMJ3hL0yH3w:EwHysqKzL846r+v8noQU2lyvg`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

section

.ndata

file	C:\Users\test22\AppData\Local\Temp\nsf5432.tmp\System.dll

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Azorult.4!c
MicroWorld-eScan	Gen:Variant.Tedy.361853
FireEye	Gen:Variant.Tedy.361853
ALYac	Gen:Variant.Tedy.361853
Cylance	unsafe
Cynet	Malicious (score: 99)
K7AntiVirus	Riskware ( 0040eff71 )
Alibaba	TrojanPSW:Win32/Azorult.4641db0e
K7GW	Riskware ( 0040eff71 )
Cyren	W32/Injector.UBLV-0210
ESET-NOD32	NSIS/Injector.BVZ
APEX	Malicious
Paloalto	generic.ml
BitDefender	Gen:Variant.Tedy.361853
Tencent	Win32.Trojan-QQPass.QQRob.Vwhl
Sophos	Mal/Generic-S
VIPRE	Gen:Variant.Tedy.361853
Emsisoft	Gen:Variant.Tedy.361853 (B)
Avira	TR/PSW.Azorult.munvo
Gridinsoft	Ransom.Win32.AzorUlt.sa
Arcabit	Trojan.Tedy.D5857D
ZoneAlarm	HEUR:Trojan-PSW.Win32.Azorult.gen
Google	Detected
AhnLab-V3	Trojan/Win.Tnega.C5424984
MAX	malware (ai score=89)
Malwarebytes	Trojan.GuLoader.NSIS
Ikarus	Trojan.NSIS.Agent
Fortinet	NSIS/Injector.OSXR!tr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_60% (D)

vbc.exe