Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Jan. 6, 2024, 10:40 a.m. | Jan. 6, 2024, 10:52 a.m. |

Process tree

Process | Command line | PID |
---|---|---|
build.exe | "C:\Users\test22\AppData\Local\Temp\build.exe" | 2564 |
explorer.exe | C:\Windows\Explorer.EXE | 1452 |
DNS

Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. | | |

Hosts

IP Address | Status | Action |
---|---|---|
No hosts contacted. | | |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Dropped files

Type | Path |
---|---|
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\stub.exe |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\sqlite3.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\libcrypto-1_1.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\python310.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\python3.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\vcruntime140.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\libffi-7.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\libssl-1_1.dll |
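The dropped-file paths above are the most useful artifact in this report. The directory name matches Nuitka's default onefile staging spec, {TEMP}\onefile_{PID}_{TIME}: the PID (2564) is build.exe's PID in the process tree, and the 18-digit TIME value, read as a Windows FILETIME (100 ns ticks since 1601-01-01 UTC), decodes to 2024-01-06 03:40:49 UTC, the same day as the report's Started time (which the sandbox shows in its local zone). The file set (python310.dll, python3.dll, libssl-1_1.dll, libcrypto-1_1.dll, libffi-7.dll, sqlite3.dll, vcruntime140.dll, stub.exe) is a bundled CPython 3.10 runtime, which is what the Nuitka verdicts from Alibaba, ESET and Ikarus in the antivirus table refer to. The triage helper below is an added example, not part of the report or of Nuitka; the regex, the helper names and the FILETIME interpretation of the TIME field are my assumptions, and the input list is constructed from the paths on this page.

```python
import re
from datetime import datetime, timedelta, timezone

# Nuitka's default --onefile-tempdir-spec is {TEMP}\onefile_{PID}_{TIME}. The TIME field
# is assumed here to be a 64-bit Windows FILETIME (100 ns ticks since 1601-01-01 UTC);
# the decoded date for the report's directory lands on the analysis day, which supports that.
ONEFILE_RE = re.compile(
    r"^(?P<root>.*[\\/])onefile_(?P<pid>\d+)_(?P<ftime>\d{15,20})[\\/](?P<rel>.+)$",
    re.IGNORECASE,
)
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
# DLLs that ship next to the bootstrap stub when a CPython program is packed (name -> role)
RUNTIME_MARKERS = {
    "python3.dll": "stable ABI shim", "libffi-7.dll": "ctypes backend",
    "libssl-1_1.dll": "OpenSSL 1.1", "libcrypto-1_1.dll": "OpenSSL 1.1",
    "sqlite3.dll": "sqlite3 module", "vcruntime140.dll": "MSVC runtime",
}
PYTHON_DLL_RE = re.compile(r"^python3(\d+)\.dll$", re.IGNORECASE)


def filetime_to_datetime(ft: int) -> datetime:
    """Convert a Windows FILETIME (100 ns ticks since 1601-01-01 UTC) to an aware datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def parse_onefile_path(path: str):
    """Return staging dir, embedded PID, decoded timestamp and relative file name, or None."""
    m = ONEFILE_RE.match(path)
    if not m:
        return None
    return {
        "staging_dir": f"{m['root']}onefile_{m['pid']}_{m['ftime']}",
        "pid": int(m["pid"]),
        "extracted_at": filetime_to_datetime(int(m["ftime"])),
        "file": m["rel"],
    }


def python_version(files):
    """Infer the bundled CPython minor version from pythonNN.dll, e.g. '3.10'."""
    for f in files:
        m = PYTHON_DLL_RE.match(f)
        if m:
            return f"3.{int(m.group(1))}"
    return None


def triage(dropped_paths, tree_pids):
    """Group onefile drops by staging directory and cross-check the PID against the process tree."""
    out = {}
    for p in dropped_paths:
        info = parse_onefile_path(p)
        if info is None:
            continue
        entry = out.setdefault(info["staging_dir"], {
            "pid": info["pid"],
            "pid_in_tree": info["pid"] in tree_pids,   # staging dir created by a process we saw?
            "extracted_at": info["extracted_at"].isoformat(),
            "files": [],
        })
        entry["files"].append(info["file"])
    for entry in out.values():
        names = [f.lower() for f in entry["files"]]
        entry["python"] = python_version(names)
        entry["runtime_markers"] = sorted(f for f in names if f in RUNTIME_MARKERS)
        entry["has_stub"] = "stub.exe" in names
    return out


# Constructed input: the dropped-file paths and process PIDs listed in the report above.
STAGING = r"C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000"
DROPPED = [STAGING + "\\" + f for f in (
    "stub.exe", "sqlite3.dll", "libcrypto-1_1.dll", "python310.dll",
    "python3.dll", "vcruntime140.dll", "libffi-7.dll", "libssl-1_1.dll",
)]
TREE_PIDS = {2564, 1452}  # build.exe, explorer.exe

if __name__ == "__main__":
    for staging_dir, entry in triage(DROPPED, TREE_PIDS).items():
        print(staging_dir)
        for k, v in entry.items():
            print(f"  {k}: {v}")
```

The PID cross-check matters in practice: a staging directory whose PID is not in the process tree means the sandbox missed the process that unpacked it (or the directory was left over from an earlier run), and the decoded FILETIME tells you which. For a real case, feed the sandbox's dropped-file list and PID set in place of the constructed lists.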
Signatures

Signature | Details |
---|---|
A section with a high entropy has been found | section .rsrc: virtual_address 0x00036000, virtual_size 0x00a8e368, size_of_data 0x00a8e400, entropy 7.999140877352578 |
Overall entropy of this PE file is high | entropy 0.988206253428 |
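Both signatures are Shannon-entropy heuristics. The per-section figure is in bits per byte (maximum 8.0), and 7.999 over an 11 MB .rsrc section (0x00a8e400 bytes) means that section is essentially incompressible data, consistent with the compressed payload a Nuitka onefile binary carries and that stub.exe unpacks into the onefile_ directory listed above. The "overall" figure, 0.988, is on a 0..1 scale; it is assumed below to be the share of section bytes that sit in high-entropy sections, which fits an 11 MB payload section next to a small code section. The code that follows is an added example, not the sandbox's signature code: it computes section entropy with a minimal PE section-table walk (no pefile dependency), flags sections above an assumed threshold of 7.0 bits/byte, and runs on constructed sections wrapped in a synthetic PE skeleton so it works offline.

```python
import hashlib
import math
import struct
from collections import Counter

HIGH_ENTROPY_BITS = 7.0  # assumed flag threshold, bits per byte (8.0 is the maximum)


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte over the byte-value distribution of data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def analyze_sections(sections):
    """sections: list of (name, raw_bytes).
    Returns (flagged, ratio): flagged = [(name, raw_size, entropy)] above the threshold,
    ratio = bytes in flagged sections / bytes in all sections (assumed meaning of 'overall')."""
    flagged, total, high = [], 0, 0
    for name, raw in sections:
        ent = shannon_entropy(raw)
        total += len(raw)
        if ent > HIGH_ENTROPY_BITS:
            high += len(raw)
            flagged.append((name, len(raw), round(ent, 6)))
    return flagged, (high / total if total else 0.0)


def read_pe_sections(blob: bytes):
    """Minimal PE section-table walk: returns [(name, raw_bytes)] using SizeOfRawData/PointerToRawData."""
    if blob[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", blob, 0x3C)[0]
    if blob[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    n_sections = struct.unpack_from("<H", blob, coff + 2)[0]      # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", blob, coff + 16)[0]       # COFF SizeOfOptionalHeader
    table = coff + 20 + opt_size
    out = []
    for i in range(n_sections):
        off = table + 40 * i
        name = blob[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        _vsize, _va, raw_size, raw_ptr = struct.unpack_from("<IIII", blob, off + 8)
        out.append((name, blob[raw_ptr:raw_ptr + raw_size]))
    return out


def build_fake_pe(sections):
    """Wrap raw section blobs in a minimal PE skeleton (constructed fixture, not a loadable image)."""
    e_lfanew, opt_size = 0x40, 0
    raw_ptr = e_lfanew + 4 + 20 + 40 * len(sections)
    hdr = bytearray(b"MZ" + b"\0" * 0x3A) + struct.pack("<I", e_lfanew)
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, opt_size, 0)
    body = bytearray()
    for name, raw in sections:
        hdr += struct.pack("<8sIIII", name.encode(), len(raw), 0, len(raw), raw_ptr + len(body))
        hdr += b"\0" * 16  # remaining section-header fields, unused here
        body += raw
    return bytes(hdr + body)


def pseudo_random_bytes(n: int, seed: bytes = b"onefile-demo") -> bytes:
    """Deterministic high-entropy blob (SHA-256 in counter mode), standing in for a compressed payload."""
    out = bytearray()
    i = 0
    while len(out) < n:
        out += hashlib.sha256(seed + i.to_bytes(4, "little")).digest()
        i += 1
    return bytes(out[:n])


# Constructed sections: a low-entropy code-like section and a payload section three times its size.
TEXT = (b"\x00" * 60000 + b"Nuitka onefile bootstrap stub x86-64 " * 150)[:65536]
RSRC = pseudo_random_bytes(3 * 65536)
SECTIONS = [(".text", TEXT), (".rsrc", RSRC)]

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_pe(SECTIONS)
    flagged, ratio = analyze_sections(read_pe_sections(blob))
    for name, size, ent in flagged:
        print(f"high entropy: {name} size=0x{size:08x} entropy={ent}")
    print(f"overall ratio: {ratio:.6f}")
```

Run it with a path argument to check a real PE; without one it analyses the constructed fixture. High entropy alone is not a malware verdict (signed installers and any compressed resource trip it too); its value here is corroboration: the dominant, near-8.0 section plus the runtime DLLs dropped into onefile_<pid>_<time> together identify a Nuitka onefile package, and the payload has to be unpacked (or recovered from the staging directory) before the real program can be examined.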
Antivirus results

file | C:\Users\test22\AppData\Local\Temp\onefile_2564_133489860498750000\stub.exe |

Engine | Detection |
---|---|
Bkav | W64.AIDetectMalware |
Lionic | Trojan.Win32.Worgtop.d!c |
MicroWorld-eScan | Gen:Variant.Tedy.498670 |
Skyhigh | BehavesLike.Win64.Dropper.vc |
McAfee | Artemis!0F789EF1E0DE |
Malwarebytes | Malware.AI.3899173217 |
VIPRE | Gen:Variant.Tedy.498670 |
Alibaba | Packed:Win64/Nuitka_AGen.2f30668b |
Arcabit | Trojan.Tedy.D79BEE |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
ESET-NOD32 | a variant of Python/Packed.Nuitka_AGen.U suspicious |
APEX | Malicious |
Kaspersky | UDS:DangerousObject.Multi.Generic |
BitDefender | Gen:Variant.Tedy.498670 |
Avast | Win64:Evo-gen [Trj] |
Emsisoft | Gen:Variant.Tedy.498670 (B) |
Zillya | Trojan.Agent.Win32.3784133 |
TrendMicro | Trojan.Win64.PRIVATELOADER.YXEAFZ |
Sophos | Mal/Generic-S |
SentinelOne | Static AI - Malicious PE |
MAX | malware (ai score=82) |
Webroot | W32.Trojan.FL |
Antiy-AVL | GrayWare/Win32.Wacapew |
Kingsoft | Win32.Troj.Undef.a |
Gridinsoft | Ransom.Win64.Sabsik.sa |
Microsoft | Trojan:Win32/Znyonm |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
GData | Gen:Variant.Tedy.498670 |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win.Evo-gen.R626445 |
Cylance | unsafe |
Tencent | Malware.Win32.Gencirc.10bf714a |
Ikarus | PUA.Python.Nuitka |
Fortinet | Riskware/Application |
AVG | Win64:Evo-gen [Trj] |
DeepInstinct | MALICIOUS |
CrowdStrike | win/malicious_confidence_90% (D) |