Summary | ZeroBOX

serfew.exe

Tags: Raccoon Stealer, Generic Malware, Obsidium protector, UPX, PE File, PE32
Category FILE
Machine s1_win7_x6403_us
Started May 30, 2023, 5:12 p.m.
Completed May 30, 2023, 5:18 p.m.
Size 824.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c12e38b35a365aeb19e001bf4ca76ae9
SHA256 eea7389ae1d616622a35333f910f2e7d22d7f95b34e69b5b0775d938d6e73460
CRC32 D64927D3
ssdeep 12288:S1YceAOSRak+MtRqqwcrktRj2Gu0VQMfWq+1lDY++RvRJx7P:S1zdtRNwoktRjFeMfWVlDYTvTt
Yara
  • UPX_Zero - UPX packed file
  • Obsidium_Zero - Obsidium protector file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Raccoon_Stealer_1_Zero - Raccoon Stealer
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

resource name WCVAE
section .text: size_of_data 0x0006d000, virtual_address 0x00001000, virtual_size 0x0006c24c, entropy 7.437452992093784; description: A section with a high entropy has been found
entropy 0.531707317073; description: Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Cynet Malicious (score: 100)
FireEye Generic.mg.c12e38b35a365aeb
Cylance unsafe
VIPRE Gen:Variant.Tedy.375563
K7GW Hacktool ( 700007861 )
Cybereason malicious.35a365
Arcabit Trojan.Tedy.D5BB0B
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Injector_AGen.XX
APEX Malicious
BitDefender Gen:Variant.Tedy.375563
MicroWorld-eScan Gen:Variant.Tedy.375563
Sophos Mal/VBCheMan-D
F-Secure Heuristic.HEUR/AGEN.1324361
Trapmine malicious.high.ml.score
Emsisoft Gen:Variant.Tedy.375563 (B)
Avira HEUR/AGEN.1324361
GData Gen:Variant.Tedy.375563
Google Detected
BitDefenderTheta Gen:NN.ZevbaF.36250.Zq0@aa4cJHF
MAX malware (ai score=84)
Malwarebytes Trojan.LokiBot
Rising Trojan.Injector!1.C6AF (CLASSIC)
SentinelOne Static AI - Suspicious PE
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)