Summary | ZeroBOX

SharpHound.ps1

Generic Malware Antivirus
Category FILE
Machine s1_win7_x6403_us
Started June 9, 2024, 9:30 a.m.
Completed June 9, 2024, 9:38 a.m.
Size 1.2MB
Type ASCII text, with very long lines
MD5 310d06e1da8a16b5121ead4874f634fa
SHA256 f887e04ce6c43da608cfcb45e51398305bb3912ee9d88ac7569c917e245d404a
CRC32 3FB82D0C
ssdeep 24576:euW3o4ZZdSsjURYvfwWg/pmTsiKAJ/lAbWjRaXZuyrD2AkAI9oaiZHR:euWcNUJNTRbI227rZR
Yara None matched

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

Status: 1, Return: 1, Repeated: 0
Time & API Arguments Status Return Repeated

NtAllocateVirtualMemory

process_identifier: 1460
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x024cb000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
Status: 1, Return: 0, Repeated: 0

NtAllocateVirtualMemory

process_identifier: 1460
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x024df000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
Status: 1, Return: 0, Repeated: 0
Lionic Hacktool.Script.PowerShell.3!c
Cynet Malicious (score: 99)
Skyhigh BehavesLike.PS.Dropper.tg
ALYac Trojan.GenericKD.67207512
VIPRE Trojan.GenericKD.67207512
Sangfor Trojan.Generic-Script.Save.2ec4e121
Arcabit Trojan.Generic.D4018158
Symantec Trojan Horse
ESET-NOD32 PowerShell/TrojanDropper.Agent.AHN
TrendMicro-HouseCall HackTool.PS1.Sharphound.VSNW0AG23
McAfee Generic pup.mg
Avast Script:SNH-gen [PUP]
Kaspersky HEUR:HackTool.Win32.Agent.gen
BitDefender Trojan.GenericKD.67207512
MicroWorld-eScan Trojan.GenericKD.67207512
Rising HackTool.SharpHound/PS!8.1604C (TOPIS:E0:b12esf8tyUJ)
Emsisoft Trojan.GenericKD.67207512 (B)
F-Secure Trojan.TR/PShell.Agent.AS
DrWeb Tool.Bloodhound.6
TrendMicro HackTool.PS1.Sharphound.VSNW0AG23
FireEye Trojan.GenericKD.67207512
Sophos ATK/BloodH-B
Ikarus Trojan.PowerShell.Crypt
Google Detected
Avira TR/PShell.Agent.AS
Microsoft Trojan:Win32/Leonem
ZoneAlarm HEUR:HackTool.Win32.Agent.gen
GData Trojan.GenericKD.67207512
Varist PSH/SharpHound.A
AhnLab-V3 Trojan/Powershell.SharpHound.S2478
Tencent Trojan.PowerShell.Obfuscated.11027674
MAX malware (ai score=86)
AVG Script:SNH-gen [PUP]
Panda Trj/Sharp.A
alibabacloud Trojan[dropper]:Win/Agent.AJS