CT360.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | May 26, 2023, 5:44 p.m. | May 26, 2023, 5:52 p.m. |
-
CT360.exe "C:\Users\test22\AppData\Local\Temp\CT360.exe"
2548
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| packer | UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser |
| description | CT360.exe tried to sleep 240 seconds, actually delayed analysis time by 0 seconds | |||
| name | RT_BITMAP | language | LANG_CHINESE | filetype | empty | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0003b638 | size | 0x000004e8 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x000951b0 | size | 0x00000468 | ||||||||||||||||||
| name | RT_GROUP_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x00095618 | size | 0x000000a0 | ||||||||||||||||||
| name | RT_GROUP_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x00095618 | size | 0x000000a0 | ||||||||||||||||||
| name | RT_VERSION | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0009d480 | size | 0x00000274 | ||||||||||||||||||
| wmi | SELECT * FROM MSAcpi_ThermalZoneTemperature |
| section | {u'size_of_data': u'0x00027c00', u'virtual_address': u'0x00074000', u'entropy': 7.922041011466881, u'name': u'UPX1', u'virtual_size': u'0x00028000'} | entropy | 7.92204101147 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.960725075529 | description | Overall entropy of this PE file is high | |||||||||||
| section | UPX0 | description | Section name indicates UPX | ||||||
| section | UPX1 | description | Section name indicates UPX | ||||||
| Bkav | W32.AIDetectMalware |
| Lionic | Trojan.Win32.Generic.4!c |
| Elastic | malicious (moderate confidence) |
| Cynet | Malicious (score: 100) |
| ALYac | Gen:Variant.Symmi.64868 |
| Cylance | unsafe |
| Sangfor | Suspicious.Win32.Save.a |
| BitDefender | Gen:Variant.Symmi.64868 |
| Cybereason | malicious.2802ca |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win32/Kryptik.HTOY |
| APEX | Malicious |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| MicroWorld-eScan | Gen:Variant.Symmi.64868 |
| Avast | CrypterX-gen [Trj] |
| Rising | Trojan.Kryptik!8.8 (CLOUD) |
| Emsisoft | Gen:Variant.Symmi.64868 (B) |
| VIPRE | Gen:Variant.Symmi.64868 |
| McAfee-GW-Edition | BehavesLike.Win32.Trojan.cc |
| Trapmine | malicious.high.ml.score |
| FireEye | Generic.mg.89f34702802ca7e9 |
| Sophos | Mal/Generic-S |
| Ikarus | Win32.Outbreak |
| GData | Win32.Trojan.PSE.P3253E |
| Jiangmin | Trojan.Generic.hchwh |
| Antiy-AVL | Trojan/Win32.Agentb |
| Arcabit | Trojan.Symmi.DFD64 |
| ZoneAlarm | UDS:DangerousObject.Multi.Generic |
| Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
| McAfee | Artemis!89F34702802C |
| MAX | malware (ai score=88) |
| Malwarebytes | Malware.Heuristic.1003 |
| Yandex | Trojan.Kryptik!umEfyHV44Rk |
| MaxSecure | Trojan.Malware.300983.susgen |
| BitDefenderTheta | Gen:NN.ZexaF.36196.kmKfa0@xDlpj |
| AVG | CrypterX-gen [Trj] |
| DeepInstinct | MALICIOUS |
| CrowdStrike | win/malicious_confidence_70% (W) |