Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Dec. 7, 2023, 5:09 p.m.	Dec. 7, 2023, 5:09 p.m.

Size	12.0KB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`c0b7ffa3b6b89673fab5638e395cd4f5`
SHA256	`3676702ad2a49ab15bcf5b8b5e280cb6328d6a0c90b0b02df7034a963eeaa203`
CRC32	`2BCA741B`
ssdeep	`192:Tjs1xLb8LsGOszbkT1BZAuoIW1Pn/FMT6kIcZVU0zoFTpS2PO6Hfo:TjgxLoLtbzbuHZAuCn/FMT5Xbz0ZpS1R`
PDB Path	F:\Arquivos\Crypter bypass all and vbs e js 13-16-2023 original png\New Private Panell Src 3.0 PASTE.EE\New Private Panell Src 3.0\New Metod Defender Dll\ClassLibrary3\ClassLibrary3\obj\Release\ClassLibrary3.pdb
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware Is_DotNET_DLL - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

F:\Arquivos\Crypter bypass all and vbs e js 13-16-2023 original png\New Private Panell Src 3.0 PASTE.EE\New Private Panell Src 3.0\New Metod Defender Dll\ClassLibrary3\ClassLibrary3\obj\Release\ClassLibrary3.pdb

File has been identified by 8 AntiVirus engines on VirusTotal as malicious (8 events)

Bkav	W32.AIDetectMalware.CS
CrowdStrike	win/malicious_confidence_60% (D)
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.HUQ
APEX	Malicious
SentinelOne	Static AI - Suspicious PE
Cynet	Malicious (score: 100)
DeepInstinct	MALICIOUS

dll.jpg.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All