Summary | ZeroBOX

50-ac.exe

Craxs RAT PE32 PE File .NET EXE
Category FILE
Machine s1_win7_x6403_us
Started April 13, 2024, 11:20 a.m.
Completed April 13, 2024, 11:20 a.m.
Size 363.5KB
Type PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 7df59556025e47ed9f44155ac33573cc
SHA256 e34fb3b05852700ae9f875177eebdb1adb18a56cd0ae378544b2bf66871e4d23
CRC32 1BED94A2
ssdeep 6144:v+O2vaXos2cR/uFTlaaylb3l1fAXQBAI/NKn1HqxNUwcFqCkp+NIexVF:m9Oos2cRGFTlaZl0XEFNK1HqbLtpk
PDB Path C:\glim8y60ribsvx\obj\Release\Company.pdb
Yara
  • Craxs_RAT - Craxs RAT
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\glim8y60ribsvx\obj\Release\Company.pdb
section .text: size_of_data 0x0005a400, virtual_address 0x00002000, virtual_size 0x0005a3b8, entropy 7.997528077530635; description: A section with a high entropy has been found
entropy 0.994490358127 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware.CS
ALYac Gen:Variant.Lazy.509547
VIPRE Gen:Variant.Lazy.509547
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Gen:Variant.Lazy.509547
Arcabit Trojan.Lazy.D7C66B
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
APEX Malicious
Avast Win32:PWSX-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
MicroWorld-eScan Gen:Variant.Lazy.509547
Emsisoft Gen:Variant.Lazy.509547 (B)
FireEye Generic.mg.7df59556025e47ed
Sophos Mal/Generic-S
Ikarus Trojan.MSIL.Crypt
Google Detected
Avira TR/AD.Nekark.pwkar
MAX malware (ai score=84)
Kingsoft Win32.PSWTroj.Undef.a
Gridinsoft Malware.Win32.Gen.tr
Microsoft Trojan:Win32/Znyonm
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Win32.Trojan.Kryptik.6Y1UPH
BitDefenderTheta Gen:NN.ZemsilF.36802.wm0@auHYg7p
DeepInstinct MALICIOUS
Malwarebytes Generic.Malware/Suspicious
Panda Trj/Chgt.AD
TrendMicro-HouseCall TrojanSpy.Win32.RHADAMANTHYS.YXEDLZ
SentinelOne Static AI - Suspicious PE
Fortinet MSIL/GenKryptik.GWGC!tr
AVG Win32:PWSX-gen [Trj]