Summary | ZeroBOX

demon.exe

Generic Malware PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Dec. 14, 2023, 6:47 p.m.
Completed Dec. 14, 2023, 7:03 p.m.
Size 100.0KB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 e402b4d496e16fb8e2fc44bf12c9cc4e
SHA256 3aad93d064d729509e499014d59f0c5b3d290f5d130bcba94e2d8f069d8881dd
CRC32 3CC6EED7
ssdeep 1536:wkJIalOYktfCM83v6pq9UVE/kGE5+Kb+LwoMSJZNx5FOSxdbz:/lITtfCMT2UVE/kOXMSJZDPOSxdb
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
113.52.134.114 Active Moloch
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GetAdaptersAddresses

flags: 15
family: 0
111 0
host 113.52.134.114
dead_host 113.52.134.114:4433
Bkav W64.AIDetectMalware
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Generic.cm
ALYac Generic.Trojan.Havokiz.Marte.D.28D904C1
Cylance unsafe
VIPRE Generic.Trojan.Havokiz.Marte.D.28D904C1
Sangfor Backdoor.Win64.Havoc.Vugh
BitDefender Generic.Trojan.Havokiz.Marte.D.28D904C1
Arcabit Generic.Trojan.Havokiz.Marte.D.28D904C1
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/Havoc_AGen.E
APEX Malicious
McAfee Agent-FYC!E402B4D496E1
Avast Win64:Evo-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Backdoor:Win64/Havokiz.ebbcd381
MicroWorld-eScan Generic.Trojan.Havokiz.Marte.D.28D904C1
Rising Backdoor.Havoc!8.970A (TFE:4:Muj2LsPTQQM)
Emsisoft Generic.Trojan.Havokiz.Marte.D.28D904C1 (B)
F-Secure Heuristic.HEUR/AGEN.1368308
FireEye Generic.Trojan.Havokiz.Marte.D.28D904C1
Sophos ATK/Havoc-G
Jiangmin Backdoor.C2.d
Google Detected
Avira HEUR/AGEN.1368308
MAX malware (ai score=87)
Antiy-AVL Trojan/Win64.Havoc
Microsoft Trojan:Win64/Havokiz.DX!MTB
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Generic.Trojan.Havokiz.Marte.D.28D904C1
DeepInstinct MALICIOUS
Malwarebytes Generic.Malware/Suspicious
Tencent Win64.Backdoor.C2.Ngil
SentinelOne Static AI - Malicious PE
AVG Win64:Evo-gen [Trj]
CrowdStrike win/malicious_confidence_70% (W)