Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Dec. 4, 2023, 3:38 p.m.	Dec. 4, 2023, 3:38 p.m.

Size	15.2MB
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`6b44d99b258c275ee7fcf230da177f3e`
SHA256	`1aecadf489a6dd7a3a6e5dfda9425673a9d04d38a5cb6b0b8f961536c11237ed`
CRC32	`3DE42407`
ssdeep	`98304:KXX+aiZFtuYvgK408HLwkoS9fye+ZV6zEmHyd6ceCSGp:K0tzvf4bHUkT9fd+ZdmPk`
Yara	Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.symtab

File has been identified by 43 AntiVirus engines on VirusTotal as malicious (43 events)

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.DeepScan.4!c
MicroWorld-eScan	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
CAT-QuickHeal	Trojan.Multi
Skyhigh	BehavesLike.Win64.Sliver.wh
ALYac	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
Malwarebytes	Generic.Malware/Suspicious
VIPRE	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
Sangfor	HackTool.Win32.Sliver_Implant_64bit.uwccg
K7AntiVirus	Trojan ( 0059f2e01 )
Alibaba	Trojan:Win32/Sliver.85a60add
K7GW	Trojan ( 0059f2e01 )
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	Multi.Trojan.Sliver
ESET-NOD32	a variant of WinGo/Agent.LO
Cynet	Malicious (score: 99)
ClamAV	Win.File.Sliver-9942542-0
Kaspersky	HEUR:Trojan.Multi.MalGO.gen
BitDefender	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
Avast	Win64:MalwareX-gen [Trj]
Tencent	Win32.Trojan.Malgo.Vmhl
Emsisoft	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02 (B)
F-Secure	Hack-Tool:W32/SBeacon.A
TrendMicro	Backdoor.Win64.SILVER.SMYXCFWAZ
FireEye	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
Sophos	ATK/Sliver-B
SentinelOne	Static AI - Malicious PE
Avira	HEUR/AGEN.1366847
MAX	malware (ai score=89)
Antiy-AVL	HackTool[VirTool]/Win32.Sliver
Kingsoft	Win32.Troj.Unknown.a
Microsoft	VirTool:Win32/Sliver.D!MTB
Gridinsoft	Trojan.Win64.Agent.sa
Arcabit	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
ZoneAlarm	HEUR:Trojan.Multi.MalGO.gen
GData	DeepScan:Generic.Trojan.Tango.Marte.I.DD280D02
AhnLab-V3	Trojan/Win.Sliver.R598949
Cylance	unsafe
Ikarus	Win32.Outbreak
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win64:MalwareX-gen [Trj]
DeepInstinct	MALICIOUS

WILD_PRIDE.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All