Summary | ZeroBOX

lolMiner.exe

PE64 PE File
Category FILE
Machine s1_win7_x6401
Started July 18, 2023, 6:21 p.m.
Completed July 18, 2023, 6:27 p.m.
Size 7.7MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 055eaec478c4a8490041b8fa3db1119d
SHA256 2d4adb8e894b22d6c60c3877995ba5e9845ec6005fc95382c395396eb84b1e73
CRC32 6BF2A47C
ssdeep 196608:83OKhONe8nIO7AEXz+992YhlXPBaPS0yc+PfSWUQpdiRNC:83OKIe8eEq99Xhl/BuTQpdd
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.

IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated
IsDebuggerPresent 0 0
Signatures
section UPX1 (size_of_data 0x007b5000, virtual_address 0x03fa5000, virtual_size 0x007b5000, entropy 7.999976341029437) description A section with a high entropy has been found
entropy 0.999809970229 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Antivirus Result
Lionic Riskware.Win32.Lazy.1!c
MicroWorld-eScan Gen:Variant.Application.Lazy.335746
FireEye Generic.mg.055eaec478c4a849
McAfee Artemis!055EAEC478C4
Malwarebytes RiskWare.CoinMiner
VIPRE Gen:Variant.Application.Lazy.335746
Sangfor CoinMiner.Win64.Lazy.V4dy
K7AntiVirus Adware ( 00576ae61 )
Alibaba RiskWare:Win64/Miners.8e640f91
K7GW Adware ( 00576ae61 )
CrowdStrike win/grayware_confidence_70% (W)
Arcabit Trojan.Application.Lazy.D51F82
Cyren W64/ABApplication.FEOG-2378
Symantec ML.Attribute.HighConfidence
Elastic malicious (moderate confidence)
ESET-NOD32 a variant of Win64/CoinMiner.PM potentially unwanted
Kaspersky not-a-virus:RiskTool.Win32.BitCoinMiner.ootc
BitDefender Gen:Variant.Application.Lazy.335746
Avast Win64:MiscX-gen [PUP]
Tencent Win32.Trojan.FalseSign.Uwhl
Emsisoft Gen:Variant.Application.Lazy.335746 (B)
Zillya Tool.BitCoinMiner.Win32.42197
McAfee-GW-Edition Artemis!PUP
Trapmine malicious.high.ml.score
Sophos Generic Reputation PUA (PUA)
Jiangmin RiskTool.Generic.pfy
Webroot W32.Coinminer
Antiy-AVL RiskWare[RiskTool]/Win32.BitCoinMiner
Gridinsoft Trojan.CoinMiner.dd!c
ZoneAlarm not-a-virus:RiskTool.Win32.BitCoinMiner.ootc
GData Gen:Variant.Application.Lazy.335746
Google Detected
AhnLab-V3 Win-Trojan/Miner3.Exp
ALYac Gen:Variant.Application.Lazy.335746
MAX malware (ai score=79)
Cylance unsafe
Rising HackTool.CoinMiner!8.F154 (TFE:5:zgu3mDMiJD)
Yandex Trojan.Igent.bZ90oo.8
Ikarus PUA.CoinMiner
MaxSecure Trojan.Malware.208143934.susgen
Fortinet Adware/Miner
AVG Win64:MiscX-gen [PUP]
DeepInstinct MALICIOUS