Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Oct. 10, 2023, 7:41 a.m. | Oct. 10, 2023, 7:43 a.m. |
- udat1.exe "C:\Users\test22\AppData\Local\Temp\udat1.exe" 2560
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .gfids |
section | .rdata | virtual_address | 0x00021000 | virtual_size | 0x0001e5fa | size_of_data | 0x0001e600 | entropy | 7.134588847567097 | description | A section with a high entropy has been found |
section | .data | virtual_address | 0x00040000 | virtual_size | 0x000274b8 | size_of_data | 0x00026600 | entropy | 7.6173295886386345 | description | A section with a high entropy has been found |
entropy | 0.674846625767 | description | Overall entropy of this PE file is high |
Bkav | W64.AIDetectMalware |
FireEye | Generic.mg.243b6e0960e9d3b6 |
McAfee | Artemis!243B6E0960E9 |
CrowdStrike | win/malicious_confidence_90% (W) |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
APEX | Malicious |
Cynet | Malicious (score: 100) |
Kaspersky | UDS:DangerousObject.Multi.Generic |
TrendMicro | TrojanSpy.Win64.VIDAR.YXDJIZ |
McAfee-GW-Edition | BehavesLike.Win64.BumbleBee.gc |
Trapmine | suspicious.low.ml.score |
Antiy-AVL | Trojan/Win64.GenKryptik |
Kingsoft | malware.kb.a.988 |
Gridinsoft | Spy.Win64.Vidar.bot |
Microsoft | Trojan:Win32/Casdet!rfn |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
TrendMicro-HouseCall | TrojanSpy.Win64.VIDAR.YXDJIZ |
SentinelOne | Static AI - Suspicious PE |
Cybereason | malicious.8823f8 |
DeepInstinct | MALICIOUS |