Summary | ZeroBOX

ppls25.exe

Gen1 Malicious Library UPX PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started May 14, 2023, 5:02 p.m.
Completed May 14, 2023, 5:40 p.m.
Size 335.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 a14d01d96ea78f39f7e118582dad3cb9
SHA256 6c6345c6f0a5beadc4616170c87ec8a577de185d53345581e1b00e72af24c13e
CRC32 259AFB07
ssdeep 6144:xFH8RIT6Fam4StJ3rXDW49wY7SkzU0iaODgKYleQ4HzP:xWdtXDzCwGMAP
PDB Path dxdiag.pdb
Yara
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
208.95.112.1 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path dxdiag.pdb
resource name MUI
host 208.95.112.1
FireEye Trojan.Generic.33695277
McAfee RDN/Generic Downloader.x
Cylance unsafe
Arcabit Trojan.Generic.D202262D
ESET-NOD32 a variant of Win64/TrojanDownloader.Agent.ACM
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Trojan.Generic.33695277
MicroWorld-eScan Trojan.Generic.33695277
Avast FileRepMalware [Drp]
Tencent Win64.Trojan-Downloader.Oader.Dkjl
Emsisoft Trojan.Generic.33695277 (B)
VIPRE Trojan.Generic.33695277
McAfee-GW-Edition RDN/Generic Downloader.x
Sophos Mal/Generic-S
Webroot W32.Trojan.Gen
Gridinsoft Ransom.Win64.Sabsik.sa
Xcitium Malware@#2cb6lk3jwq160
Microsoft Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Trojan.Generic.33695277
Google Detected
AhnLab-V3 Malware/Win.Generic.C5419249
ALYac Trojan.Generic.33695277
MAX malware (ai score=81)
Rising Downloader.Agent!8.B23 (TFE:5:ymdkToqZoCK)
Ikarus Trojan-Downloader.Win64.Agent
MaxSecure Trojan.Malware.1728101.susgen
Fortinet Malicious_Behavior.SB
AVG FileRepMalware [Drp]
DeepInstinct MALICIOUS