Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Nov. 9, 2023, 9:42 a.m.	Nov. 9, 2023, 9:42 a.m.

Size	81.5KB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`2239cbbc9e09382c8c1e7a6b94b547a9`
SHA256	`b88beb82964ab496154c0e441b831b5d4d178f997a13aac0f9b9974684a5f7e1`
CRC32	`43CC37D0`
ssdeep	`1536:Ag/bpBk9Pr/WzFcZo9Lrf9gJw/9bVXV3eJG53G73mxdvda:F/3ktCzprow/9bVXV32GhNvw`
Yara	Is_DotNET_DLL - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00013e00', u'virtual_address': u'0x00002000', u'entropy': 6.8446585957516035, u'name': u'.text', u'virtual_size': u'0x00013d44'}

entropy

6.84465859575

description

A section with a high entropy has been found

entropy

0.981481481481

description

Overall entropy of this PE file is high

File has been identified by 35 AntiVirus engines on VirusTotal as malicious (35 events)

Lionic	Trojan.Win32.GenMalicious.4!c
ClamAV	Win.Trojan.Bladbindi-1
Skyhigh	Artemis!Trojan
ALYac	Gen:Variant.MSILHeracles.121638
VIPRE	Gen:Variant.MSILHeracles.121638
Sangfor	Trojan.Win32.Agent.Vsg5
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Gen:Variant.MSILHeracles.121638
Symantec	Trojan.Gen.MBT
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.PIX
Kaspersky	UDS:Trojan.Win32.GenericML.xnet
Alibaba	Trojan:MSIL/GenMalicious.6ef2c4e1
MicroWorld-eScan	Gen:Variant.MSILHeracles.121638
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0WK323
FireEye	Gen:Variant.MSILHeracles.121638
Emsisoft	Gen:Variant.MSILHeracles.121638 (B)
Google	Detected
Antiy-AVL	Trojan[Downloader]/MSIL.Agent
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.MSILHeracles.D1DB26
ZoneAlarm	UDS:Trojan.Win32.GenericML.xnet
GData	Gen:Variant.MSILHeracles.121638
AhnLab-V3	Trojan/Win32.RL_Generic.C4281038
McAfee	Artemis!2239CBBC9E09
MAX	malware (ai score=85)
DeepInstinct	MALICIOUS
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002C0WK323
Tencent	Msil.Trojan-Downloader.Ader.Gplw
SentinelOne	Static AI - Malicious PE
Fortinet	MSIL/Injector.UWS!tr
AVG	MSIL:GenMalicious-CQL [Trj]
Avast	MSIL:GenMalicious-CQL [Trj]

new_image.jpg.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All