Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 27, 2023, 10:24 a.m.	July 27, 2023, 10:29 a.m.

Size	2.1MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`d367dbc08b40198ffa3ccb0653345007`
SHA256	`85c01f298abee33fdb0f73b855765aef190aca021e89ddcb0ba3887989ecefd3`
CRC32	`73174691`
ssdeep	`49152:iSK1y8MYZR/WXnbKRBKiaKKkkVWEjBKMpSo8nfN0:UM1ODyWEjBKWCfN0`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check IsPE64 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer Generic_Malware_Zero - Generic Malware

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Elastic	malicious (moderate confidence)
Cynet	Malicious (score: 100)
Symantec	ML.Attribute.HighConfidence
Kaspersky	not-a-virus:UDS:RiskTool.Win32.BitCoinMiner.opbm
Rising	Hacktool.BitCoinMiner!8.648E (CLOUD)
Emsisoft	Trojan.GenericKD.68369144 (B)
TrendMicro	TrojanSpy.Win64.RUSTYSTEALER.YXDGZZ
McAfee-GW-Edition	BehavesLike.Win64.Rootkit.vm
FireEye	Trojan.GenericKD.68369144
Sophos	Generic Reputation PUA (PUA)
GData	Win32.Trojan-Downloader.Generic.BZWP41
Webroot	W32.Malware.Gen
Gridinsoft	Trojan.Win64.Gen.bot
ZoneAlarm	not-a-virus:UDS:RiskTool.Win32.BitCoinMiner.opbm
Microsoft	Trojan:Win32/Casdet!rfn
McAfee	Artemis!D367DBC08B40
MAX	malware (ai score=81)
DeepInstinct	MALICIOUS
TrendMicro-HouseCall	TrojanSpy.Win64.RUSTYSTEALER.YXDGZZ
CrowdStrike	win/malicious_confidence_70% (D)

main.exe