Summary | ZeroBOX

jok.exe

Tags: RedlineStealer, RedLine stealer, Malicious Library, .NET framework(MSIL), UPX, PE File, OS Processor Check, PE32, .NET EXE
Category FILE
Machine s1_win7_x6403_us
Started April 16, 2024, 3:23 p.m.
Completed April 16, 2024, 3:23 p.m.
Size 304.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 8510bcf5bc264c70180abe78298e4d5b
SHA256 096220045877e456edfea1adcd5bf1efd332665ef073c6d1e9474c84ca5433f6
CRC32 2078FC5E
ssdeep 3072:uq6EgY6i4rUjhYMLwPcologL/ejZWTACtAti0lcZqf7D34leqiOLibBOp:VqY6inwPDpKZWTA+AplcZqf7DIvL
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • RedLine_Stealer_b_Zero - RedLine stealer
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • detect_Redline_Stealer_V2 - (no description)

Name / Response / Post-Analysis Lookup
No hosts contacted.
IP Address / Status / Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.CobirEmawqE.Trojan
tehtris Generic.Malware
CAT-QuickHeal TrojanSpy.MSIL
Skyhigh Artemis!Trojan
ALYac Generic.Dacic.7CD77862.A.166C13F8
Cylance unsafe
VIPRE Generic.Dacic.7CD77862.A.166C13F8
Sangfor Spyware.Msil.Redline.Vsl0
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Generic.Dacic.7CD77862.A.166C13F8
K7GW Spyware ( 005995c91 )
K7AntiVirus Spyware ( 005995c91 )
Arcabit Generic.Dacic.7CD77862.A.166C13F8
VirIT Trojan.Win32.MSIL_Heur.A
Symantec ML.Attribute.HighConfidence
Elastic Windows.Generic.Threat
ESET-NOD32 a variant of MSIL/Spy.RedLine.A
APEX Malicious
McAfee Artemis!8510BCF5BC26
Avast Win32:PWSX-gen [Trj]
ClamAV Win.Malware.Trojanx-9862538-0
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba Trojan:MSIL/Redline.bba6ffc0
SUPERAntiSpyware Trojan.Agent/Gen-Redline
MicroWorld-eScan Generic.Dacic.7CD77862.A.166C13F8
Rising Spyware.Redline!8.1309C (CLOUD)
Emsisoft Generic.Dacic.7CD77862.A.166C13F8 (B)
F-Secure Trojan.TR/AD.RedLineSteal.dcvny
DrWeb Trojan.PWS.RedLineNET.9
Zillya Trojan.RedLine.Win32.10822
TrendMicro TrojanSpy.Win32.REDLINE.YXEDIZ
FireEye Generic.Dacic.7CD77862.A.166C13F8
Sophos Troj/Redline-D
Ikarus Trojan-Spy.Agent
Google Detected
Avira TR/AD.RedLineSteal.dcvny
MAX malware (ai score=81)
Kingsoft MSIL.Trojan-Spy.Stealer.gen
Gridinsoft Malware.Win32.RedLine.tr
Microsoft Trojan:MSIL/Redline.MG!MTB
ViRobot Trojan.Win.Z.Redline.311296.F
ZoneAlarm HEUR:Trojan-Spy.MSIL.Stealer.gen
GData MSIL.Trojan-Stealer.Redline.G
Varist W32/MSIL_Agent.FCZ.gen!Eldorado
AhnLab-V3 Trojan/Win.Dacic.R641638
BitDefenderTheta Gen:NN.ZemsilF.36802.tm0@aiHFmGn
DeepInstinct MALICIOUS
VBA32 Trojan.MSIL.InfoStealer.gen.U
Malwarebytes Trojan.MalPack.MSIL
Panda Trj/GdSda.A