Summary | ZeroBOX

RFQ#ORDER-SP-24-0217891-003.docx.com

NSIS UPX Malicious Library PE32 PE File
Category FILE
Machine s1_win7_x6401
Started June 3, 2024, 3:15 p.m.
Completed June 3, 2024, 3:15 p.m.
Size 448.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 527d1b34d5c5759d38b6496008e379b1
SHA256 594ccab9f478744e17a5e75de82bb8516c6a2bfa6ec7ff602044923ac8059d8a
CRC32 E773319B
ssdeep 6144:VoShfbIxkwfWt/ASuSEgSYt4AvpowKhlx+sdF3zEUv8HukmyLliiU93qJ8:yqAPWt4LmtXBKYebv0YUeqJ8
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • NSIS_Installer - Null Soft Installer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .ndata
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Androm.m!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.Dropper.gc
Cylance unsafe
K7AntiVirus Trojan ( 005b62ff1 )
K7GW Trojan ( 005b62ff1 )
Symantec Trojan.Gen.MBT
ESET-NOD32 NSIS/Injector.CQY
McAfee Artemis!527D1B34D5C5
Avast Win32:Evo-gen [Trj]
Kaspersky HEUR:Backdoor.Win32.Androm.gen
TrendMicro Trojan.Win32.GULOADER.YXEE3Z
McAfeeD ti!594CCAB9F478
Sophos Mal/Generic-S
Ikarus Trojan.NSIS.Agent
Google Detected
Antiy-AVL Trojan[Backdoor]/Win32.Androm.gen
Kingsoft malware.kb.a.888
Microsoft Trojan:Win32/GuLoader
ZoneAlarm HEUR:Backdoor.Win32.Androm.gen
GData Win32.Trojan.Agent.E1BU9G
Varist W32/Agent.IYR.gen!Eldorado
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.980415415
Panda Trj/Chgt.AD
TrendMicro-HouseCall Trojan.Win32.GULOADER.YXEE3Z
Tencent Win32.Backdoor.Androm.Zwhl
Fortinet W32/CQY!tr
AVG Win32:Evo-gen [Trj]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_90% (D)
alibabacloud Trojan