Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | May 7, 2024, 8:21 a.m. | May 7, 2024, 8:22 a.m. |
-
dumb.exe "C:\Users\test22\AppData\Local\Temp\dumb.exe"
2992
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .managed |
section | hydrated |
section | _RDATA |
section | .malware |
section | {u'size_of_data': u'0x00078e00', u'virtual_address': u'0x00356000', u'entropy': 7.999516891962421, u'name': u'.malware', u'virtual_size': u'0x00079000'} | entropy | 7.99951689196 | description | A section with a high entropy has been found |
Lionic | Trojan.Win32.Generic.4!c |
Elastic | malicious (high confidence) |
Cylance | unsafe |
Sangfor | Trojan.Win32.Agent.Vfde |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
Avast | Win64:RATX-gen [Trj] |
Ikarus | Win32.Outbreak |
Detected | |
Antiy-AVL | Trojan/Win32.Sabsik |
Gridinsoft | Trojan.Heur!.03250023 |
Microsoft | Trojan:Win32/AgentTesla!ml |
DeepInstinct | MALICIOUS |
TrendMicro-HouseCall | TROJ_GEN.F0D1C00E624 |
SentinelOne | Static AI - Malicious PE |
Fortinet | W64/GenKryptik.GUVY!tr |
AVG | Win64:RATX-gen [Trj] |
Paloalto | generic.ml |