Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	April 10, 2024, 1:41 p.m.	April 10, 2024, 1:41 p.m.

Size	13.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0c550ce9bb3efa8c3ce80a507cadfffa`
SHA256	`0dc62bc58b6ae1a7971a73973731b6d3f23e8003280451b84623803c39a3f912`
CRC32	`C6D34FB0`
ssdeep	`192:yh4gD1GAhChMSXhCUFaBoU3rKgjwQx5K:S4gD1LhChhXhCEaBo+sQx5K`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

EXE

File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Rootkit.4!c
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Win64
Skyhigh	Artemis
ALYac	Trojan.GenericKD.72187981
Cylance	unsafe
Zillya	Rootkit.Agent.Win32.52076
Sangfor	Rootkit.Win64.Agent.Vna3
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.72187981
K7GW	RootKit ( 005a64441 )
K7AntiVirus	RootKit ( 005a64441 )
Arcabit	Trojan.Generic.D44D804D
VirIT	Trojan.Win32.Genus.VNN
Symantec	ML.Attribute.HighConfidence
Elastic	Windows.Rootkit.R77
ESET-NOD32	a variant of Win32/Rootkit.Agent.OEJ
APEX	Malicious
Avast	Win64:MalwareX-gen [Trj]
Kaspersky	VHO:Trojan.Win64.Convagent.gen
Alibaba	Rootkit:Win32/MalwareX.07182e02
MicroWorld-eScan	Trojan.GenericKD.72187981
Rising	Rootkit.Agent!8.F5 (TFE:2:RpZwAEZYoLL)
Emsisoft	Trojan.GenericKD.72187981 (B)
F-Secure	Trojan.RKIT/Agent.tlptm
BitDefenderTheta	Gen:NN.ZexaF.36802.aqW@aOgyjOni
TrendMicro	TROJ_GEN.R002C0XD524
FireEye	Generic.mg.0c550ce9bb3efa8c
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Rootkit
Google	Detected
Avira	RKIT/Agent.tlptm
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Win64.Convagent
Kingsoft	Win32.HeurC.KVM003.a
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Casdet!rfn
ViRobot	Trojan.Win.Z.Babar.13312
ZoneAlarm	VHO:Trojan.Win64.Convagent.gen
GData	Trojan.GenericKD.72187981
Varist	W32/ABRisk.WVVH-0379
AhnLab-V3	Trojan/Win.Generic.C5605648
McAfee	Artemis!6A2C09749219
DeepInstinct	MALICIOUS
Malwarebytes	Malware.Heuristic.2045
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H09CV24
SentinelOne	Static AI - Suspicious PE
MaxSecure	Trojan.Malware.109946137.susgen

xIPJVPDq.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All