Summary | ZeroBOX

04_Mtkfarukc.exe

.NET framework(MSIL) PE32 PE File .NET EXE
Category FILE
Machine s1_win7_x6402
Started April 12, 2024, 8:40 a.m.
Completed April 12, 2024, 8:40 a.m.
Size 23.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 3e2f66f617318069be60fe1c16ecdfd6
SHA256 1cfbcd1f141c0199ba408b39fb9a178894c2bec3a05a64f961dc06f7939fabf3
CRC32 D6024A2D
ssdeep 384:ByF6ioX0duXscfvOiCf8euj2jkyjjZjstc1c27C0qRQhYrtG5S/2vHvrY/:Bu38DCkeuj2jkyjjZjstc1TMv0PrY/
Yara
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware.CS
ALYac Gen:Variant.Marsilia.109075
Cylance unsafe
VIPRE Gen:Variant.Marsilia.109075
Sangfor Downloader.Msil.Blocker.Vja8
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Marsilia.109075
K7GW Trojan-Downloader ( 005b1e751 )
K7AntiVirus Trojan-Downloader ( 005b1e751 )
Arcabit Trojan.Marsilia.D1AA13
VirIT Trojan.Win32.MSIL_Heur.A
Symantec Trojan.Gen.2
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.QFG
APEX Malicious
Avast Win32:DropperX-gen [Drp]
Kaspersky HEUR:Trojan-Ransom.MSIL.Blocker.gen
Alibaba Trojan:MSIL/PureLogStealer.32815109
MicroWorld-eScan Gen:Variant.Marsilia.109075
Rising Ransom.Blocker!8.12A (CLOUD)
Emsisoft Gen:Variant.Marsilia.109075 (B)
F-Secure Trojan.TR/AD.Nekark.cvsbo
DrWeb Trojan.DownLoaderNET.938
Zillya Downloader.Agent.Win32.551855
TrendMicro Ransom_Blocker.R002C0DBM24
FireEye Gen:Variant.Marsilia.109075
Sophos Mal/Generic-S
Ikarus Trojan-Downloader.MSIL.Agent
Google Detected
Avira TR/AD.Nekark.cvsbo
Kingsoft MSIL.Trojan-Ransom.Blocker.gen
Gridinsoft Trojan.Win32.Downloader.dd!s1
Xcitium Malware@#2zf8ydrnrqbhz
Microsoft Trojan:MSIL/PureLogStealer.FEAA!MTB
ViRobot Trojan.Win.Z.Marsilia.24064.A
ZoneAlarm HEUR:Trojan-Ransom.MSIL.Blocker.gen
GData Gen:Variant.Marsilia.109075
Varist W32/Agent.ENS.gen!Eldorado
AhnLab-V3 Trojan/Win.PureLogStealer.C5592532
BitDefenderTheta Gen:NN.ZemsilF.36802.bm0@aG5tiVn
DeepInstinct MALICIOUS
VBA32 TScope.Trojan.MSIL
Malwarebytes Trojan.Downloader
Panda Trj/Chgt.AD
TrendMicro-HouseCall Ransom_Blocker.R002C0DBM24
Tencent Malware.Win32.Gencirc.10bfa519
MaxSecure Trojan.Malware.73689294.susgen
Fortinet MSIL/Kryptik.AKSH!tr
AVG Win32:DropperX-gen [Drp]
alibabacloud Ransomware:MSIL/PureLogStealer.FEAA!MTB