55555.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | Aug. 26, 2023, 9:20 p.m. | Aug. 26, 2023, 9:22 p.m. |
-
55555.exe "C:\Users\test22\AppData\Local\Temp\55555.exe"
1648
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | _RDATA |
| file | C:\Users\test22\AppData\Local\Temp\extractor.dll |
| section | {u'size_of_data': u'0x00104a00', u'virtual_address': u'0x00026000', u'entropy': 7.34357861966386, u'name': u'.rdata', u'virtual_size': u'0x00104842'} | entropy | 7.34357861966 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.863711681856 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W32.AIDetectMalware.64 |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Gen:Variant.Lazy.379194 |
| McAfee | Artemis!70D02E692F26 |
| VIPRE | Gen:Variant.Lazy.379194 |
| APEX | Malicious |
| BitDefender | Gen:Variant.Lazy.379194 |
| Avast | Win64:DropperX-gen [Drp] |
| McAfee-GW-Edition | Artemis |
| FireEye | Gen:Variant.Lazy.379194 |
| Emsisoft | Gen:Variant.Lazy.379194 (B) |
| MAX | malware (ai score=89) |
| Microsoft | Program:Win32/Wacapew.C!ml |
| Gridinsoft | Malware.Win64.Gen.cc |
| GData | Gen:Variant.Lazy.379194 |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Trojan/Win.Leonem.C5474492 |
| Acronis | suspicious |
| ALYac | Gen:Variant.Lazy.379194 |
| Cylance | unsafe |
| TrendMicro-HouseCall | TROJ_GEN.R023H09HO23 |
| MaxSecure | Trojan.Malware.216070070.susgen |
| Fortinet | W32/PossibleThreat |
| AVG | Win64:DropperX-gen [Drp] |
| CrowdStrike | win/malicious_confidence_90% (W) |