Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Jan. 11, 2024, 7:33 a.m. | Jan. 11, 2024, 7:35 a.m. |
- build.exe "C:\Users\test22\AppData\Local\Temp\build.exe" 2572
- explorer.exe C:\Windows\Explorer.EXE 1452
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\libcrypto-1_1.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\libffi-7.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\python3.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\sqlite3.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\vcruntime140.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\libssl-1_1.dll |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\stub.exe |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\python310.dll |
section | {u'size_of_data': u'0x00a8e400', u'virtual_address': u'0x00036000', u'entropy': 7.99914374450434, u'name': u'.rsrc', u'virtual_size': u'0x00a8e3c0'} | entropy | 7.9991437445 | description | A section with a high entropy has been found |
entropy | 0.988206253428 | description | Overall entropy of this PE file is high |
file | C:\Users\test22\AppData\Local\Temp\onefile_2572_133494079860781250\stub.exe |
Bkav | W64.AIDetectMalware |
Lionic | Trojan.Win32.Nuitka.4!c |
MicroWorld-eScan | Gen:Variant.Tedy.498670 |
Skyhigh | BehavesLike.Win64.Dropper.vc |
McAfee | Artemis!1D5084678B97 |
Malwarebytes | Malware.AI.3899173217 |
Zillya | Trojan.Agent.Win32.3784133 |
Alibaba | Packed:Win64/Nuitka_AGen.2f30668b |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
ESET-NOD32 | a variant of Python/Packed.Nuitka_AGen.U suspicious |
APEX | Malicious |
Kaspersky | UDS:DangerousObject.Multi.Generic |
BitDefender | Gen:Variant.Tedy.498670 |
Avast | Win64:Evo-gen [Trj] |
Tencent | Malware.Win32.Gencirc.10bf714a |
Emsisoft | Gen:Variant.Tedy.498670 (B) |
VIPRE | Gen:Variant.Tedy.498670 |
Sophos | Mal/Generic-S |
Ikarus | PUA.Python.Nuitka |
Webroot | W32.Trojan.FL |
Detected | |
Varist | W64/ABRisk.GBSM-1675 |
Antiy-AVL | GrayWare/Win32.Wacapew |
Kingsoft | Win32.Troj.Undef.a |
Microsoft | Trojan:Win32/Znyonm |
Gridinsoft | Ransom.Win64.Sabsik.sa |
Arcabit | Trojan.Tedy.D79BEE |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
GData | Gen:Variant.Tedy.498670 |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win.Evo-gen.R626445 |
Cylance | unsafe |
TrendMicro-HouseCall | TROJ_GEN.R002H07AA24 |
Rising | Trojan.Znyonm!8.18A3A (CLOUD) |
SentinelOne | Static AI - Malicious PE |
Fortinet | Riskware/Application |
AVG | Win64:Evo-gen [Trj] |
DeepInstinct | MALICIOUS |
CrowdStrike | win/malicious_confidence_90% (D) |