dd4add6r.s6xlt.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | May 28, 2023, 1:44 p.m. | May 28, 2023, 2:14 p.m. |
-
dd4add6r.s6xlt.exe "C:\Users\test22\AppData\Local\Temp\dd4add6r.s6xlt.exe"
2552
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | .FtMHL |
| section | kzqjs |
| section | {u'size_of_data': u'0x00070a00', u'virtual_address': u'0x0002a000', u'entropy': 7.95047336442686, u'name': u'.data', u'virtual_size': u'0x00072948'} | entropy | 7.95047336443 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.730946450415 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetectMalware |
| Elastic | malicious (high confidence) |
| McAfee | Artemis!63D2AB075242 |
| CrowdStrike | win/malicious_confidence_90% (W) |
| ESET-NOD32 | a variant of Win32/Kryptik.HTQK |
| Cynet | Malicious (score: 100) |
| APEX | Malicious |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| Avast | FileRepMalware [Pws] |
| McAfee-GW-Edition | Artemis!Trojan |
| Trapmine | malicious.high.ml.score |
| FireEye | Generic.mg.63d2ab075242a38f |
| Sophos | Generic ML PUA (PUA) |
| SentinelOne | Static AI - Suspicious PE |
| Gridinsoft | Trojan.Heur!.00012031 |
| ZoneAlarm | UDS:DangerousObject.Multi.Generic |
| Microsoft | Trojan:Win32/Sabsik.FL.B!ml |
| Detected | |
| VBA32 | BScope.TrojanPSW.RedLine |
| Cylance | unsafe |
| Ikarus | Trojan.Win32.Crypt |
| AVG | FileRepMalware [Pws] |
| DeepInstinct | MALICIOUS |