test1.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Jan. 6, 2024, 10:31 a.m. | Jan. 6, 2024, 10:43 a.m. |
-
test1.exe "C:\Users\test22\AppData\Local\Temp\test1.exe"
2548
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | .symtab |
| section | {u'size_of_data': u'0x0077ee00', u'virtual_address': u'0x0007c000', u'entropy': 7.94395242459032, u'name': u'.rdata', u'virtual_size': u'0x0077ec38'} | entropy | 7.94395242459 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.9296875 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W64.AIDetectMalware |
| Lionic | Trojan.Win32.Generic.4!c |
| Skyhigh | BehavesLike.Win64.Ctsinf.rc |
| McAfee | Artemis!962824CCA80E |
| Malwarebytes | Generic.Malware/Suspicious |
| Sangfor | Trojan.Win32.Save.a |
| Cybereason | malicious.a34b5a |
| Symantec | ML.Attribute.HighConfidence |
| Elastic | malicious (high confidence) |
| APEX | Malicious |
| Cynet | Malicious (score: 100) |
| Avast | FileRepMalware [Misc] |
| SentinelOne | Static AI - Suspicious PE |
| Jiangmin | Trojan.Goshell.f |
| Webroot | W32.Malware.Gen |
| Varist | W64/Rozena.HS.gen!Eldorado |
| Microsoft | Trojan:Win32/Phonzy.B!ml |
| Gridinsoft | Trojan.Win64.Agent.sa |
| Detected | |
| Cylance | unsafe |
| Panda | Trj/Chgt.AD |
| Ikarus | Trojan.WinGo.Agent |
| Fortinet | W32/PossibleThreat |
| AVG | FileRepMalware [Misc] |
| DeepInstinct | MALICIOUS |