Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 30, 2023, 1:09 p.m.	Sept. 30, 2023, 1:21 p.m.

Size	1.2MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e6692c8fef5862964a4a82d5c58ba709`
SHA256	`9869bb41ffe09d22186b35318067780a764c929ef94823fc21c5093520bcf9a3`
CRC32	`01291B45`
ssdeep	`24576:G1vuE03HfGvF4TLt7oj7v0zvr3974W1PbijMT6YFbs7pmqBTxV81GFbwzFVc+:+6XfGvW17iWbijMeYFbs70qBT81GFbwx`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check

StealerClient_Cpp.exe "C:\Users\test22\AppData\Local\Temp\StealerClient_Cpp.exe"
2552

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

File has been identified by 56 AntiVirus engines on VirusTotal as malicious (50 out of 56 events)

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.RisePro.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Doina.61108
FireEye	Gen:Variant.Doina.61108
McAfee	Artemis!E6692C8FEF58
Malwarebytes	Spyware.PasswordStealer
Sangfor	Infostealer.Win32.Risepro.V5om
K7AntiVirus	Trojan ( 005969e31 )
Alibaba	TrojanPSW:Win32/RisePro.e97310ac
K7GW	Trojan ( 005969e31 )
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Doina.DEEB4
BitDefenderTheta	Gen:NN.ZexaF.36722.ov0@a8wRi2ok
VirIT	Trojan.Win32.Genus.THX
Cyren	W32/ABRisk.BOAK-7046
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Agent.ADVG
APEX	Malicious
Kaspersky	Trojan-PSW.Win32.RisePro.cb
BitDefender	Gen:Variant.Doina.61108
Avast	Win32:MalwareX-gen [Trj]
Tencent	Malware.Win32.Gencirc.13f02975
Emsisoft	Gen:Variant.Doina.61108 (B)
F-Secure	Trojan.TR/Agent.elloe
VIPRE	Gen:Variant.Doina.61108
TrendMicro	Trojan.Win32.PRIVATELOADER.YXDI1Z
McAfee-GW-Edition	BehavesLike.Win32.Dropper.th
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI - Suspicious PE
Jiangmin	Trojan.PSW.RisePro.w
Webroot	W32.Malware.Gen
Google	Detected
Avira	TR/Agent.elloe
MAX	malware (ai score=84)
Antiy-AVL	GrayWare/Win32.Wacapew
Kingsoft	Win32.Troj.Unknown.a
Gridinsoft	Malware.Win32.Gen.bot
Microsoft	Trojan:Win32/Znyonm
ZoneAlarm	Trojan-PSW.Win32.RisePro.cb
GData	Gen:Variant.Doina.61108
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.R606193
VBA32	BScope.Trojan.Agent
ALYac	Gen:Variant.Doina.61108
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	Trojan.Win32.PRIVATELOADER.YXDI1Z
Rising	Downloader.Agent!1.D93C (CLASSIC)

StealerClient_Cpp.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All