Summary | ZeroBOX

QQ.exe

Malicious Library PE32 PE File
Category FILE
Machine s1_win7_x6401
Started April 12, 2024, 3:06 p.m.
Completed April 12, 2024, 3:06 p.m.
Size 14.0KB
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5 0fcb865b692c0a5339bdf8e937a25dcf
SHA256 ddb93974866c51f868d65fc7dbcc0a8b25af371561125eb22b98beb528a07b3d
CRC32 451A71E2
ssdeep 192:A0H+DgGK83SxHn2OQ/dmBI4KBfTgir+xzTlo4SbqUqV/Qjo7AGa:AY+kGKqbOCdWIVBff+xzTRefCXAn
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.GenericPMF.S22096310
Skyhigh BehavesLike.Win32.TrojanCobalt.lm
ALYac Trojan.GenericKDZ.80482
Cylance unsafe
VIPRE Trojan.GenericKDZ.80482
Sangfor Trojan.Win32.CobaltStrike
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKDZ.80482
K7GW Trojan ( 005622831 )
K7AntiVirus Trojan ( 005622831 )
Arcabit Trojan.Generic.D13A62
VirIT Trojan.Win32.Inject3.DZW
Symantec Backdoor.Cobalt
Elastic Windows.Trojan.CobaltStrike
ESET-NOD32 a variant of Win32/Rozena.AMZ
APEX Malicious
McAfee Trojan-Cobalt!0FCB865B692C
Avast Win32:HacktoolX-gen [Trj]
ClamAV Win.Trojan.CobaltStrike-7899872-1
Kaspersky HEUR:Trojan.Win32.CobaltStrike.gen
Alibaba Trojan:Win32/Rozena.12cc
NANO-Antivirus Trojan.Win32.Inject3.horsiq
MicroWorld-eScan Trojan.GenericKDZ.80482
Rising Backdoor.CobaltStrike!1.D049 (CLASSIC)
Emsisoft Trojan.Rozena (A)
F-Secure Trojan.TR/Crypt.XPACK.Gen7
DrWeb Trojan.Inject3.2700
Zillya Trojan.Rozena.Win32.99309
TrendMicro Trojan.Win32.COBALT.SM
FireEye Generic.mg.0fcb865b692c0a53
Sophos ATK/Cobalt-A
Ikarus Trojan.Win32.CobaltStrike
Jiangmin Trojan.Generic.ftawl
Google Detected
Avira TR/Crypt.XPACK.Gen7
MAX malware (ai score=88)
Antiy-AVL Trojan/Win32.Wacatac
Kingsoft Win32.Trojan.CobaltStrike.gen
Gridinsoft Trojan.Win32.Heur.oa!s1
Microsoft Backdoor:Win64/CobaltStrike!pz
ViRobot Trojan.Win32.Cobalt.14336.J
ZoneAlarm HEUR:Trojan.Win32.CobaltStrike.gen
GData Win32.Trojan.PSE.PHVAWJ
Varist W32/Diple.G.gen!Eldorado
AhnLab-V3 Trojan/Win32.CobaltStrike.R329694
DeepInstinct MALICIOUS
VBA32 TScope.Malware-Cryptor.SB
Malwarebytes Generic.Malware.AI.DDS