Summary | ZeroBOX

Rokzl.exe

Tags: .NET framework(MSIL), UPX, PE File, OS Processor Check, PE32, .NET EXE
Category FILE
Machine s1_win7_x6401
Started April 8, 2024, 6:28 p.m.
Completed April 8, 2024, 6:28 p.m.
Size 176.8KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 d43f2191937f519e0ab6f9c60649c37c
SHA256 f98aa56adc2417ab64be36289564428a9883d458ddbc6184f1394f0b0d542d39
CRC32 63494CA8
ssdeep 3072:WD7y7hOg0vSOlQDSL4uPSDhn1vtzu2zN3Yot48PAfFo+uZc:WD+N10vSPlftBPAK+
Yara
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Skyhigh Artemis!Trojan
McAfee Artemis!D43F2191937F
Cylance unsafe
VIPRE Gen:Variant.MSILHeracles.157700
Sangfor Trojan.Msil.Kryptik.Vssg
BitDefender Gen:Variant.MSILHeracles.157700
Arcabit Trojan.MSILHeracles.D26804
VirIT Trojan.Win32.MSIL_Heur.A
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/GenKryptik.GWBO
APEX Malicious
Avast PWSX-gen [Trj]
Alibaba Trojan:MSIL/GenKryptik.b56640e1
MicroWorld-eScan Gen:Variant.MSILHeracles.157700
Rising Trojan.Kryptik!8.8 (CLOUD)
Emsisoft Gen:Variant.MSILHeracles.157700 (B)
FireEye Gen:Variant.MSILHeracles.157700
Sophos Generic Reputation PUA (PUA)
Google Detected
MAX malware (ai score=89)
Gridinsoft Trojan.Win32.Kryptik.sa
Microsoft Trojan:Win32/Znyonm
GData Gen:Variant.MSILHeracles.157700
AhnLab-V3 Trojan/Win.MSILKrypt.C5609911
DeepInstinct MALICIOUS
Malwarebytes Generic.Malware/Suspicious
Panda Trj/Chgt.AD
Tencent Win32.Trojan.FalseSign.Rcnw
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.QOC!tr.dldr
AVG PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Trojan:MSIL/GenKryptik.GWBO