Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	June 11, 2024, 10:50 a.m.	June 11, 2024, 10:50 a.m.

Size	8.5KB
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`43296c4ac197f6feae234bb99e90ad57`
SHA256	`5efab529c30f2571bbb2c3d093898cdf296878dd330afc7dfd68bf86c53b7dae`
CRC32	`B9206A08`
ssdeep	`48:qUr3zU9G4aNVhnX5hthMt6dO54WTJ7d5b:+DIi59J7`
Yara	IsDLL - (no description) IsPE32 - (no description) Swrort - Trojan:Win32/Meterpreter PE_Header_Zero - PE File Signature

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

File has been identified by 61 AntiVirus engines on VirusTotal as malicious (50 out of 61 events)

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Marte.4!c
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.GenericRI.S28877354
Skyhigh	Trojan-FTFU!43296C4AC197
ALYac	Generic.ShellCode.Marte.3.FEBF157E
Cylance	Unsafe
VIPRE	Generic.ShellCode.Marte.3.FEBF157E
Sangfor	HackTool.Win32.Reverse_Bin_v2_5_through_v4_x.uwccg
K7AntiVirus	Trojan ( 005aac371 )
BitDefender	Generic.ShellCode.Marte.3.FEBF157E
K7GW	Trojan ( 005aac371 )
Arcabit	Generic.ShellCode.Marte.3.FEBF157E
Symantec	Trojan Horse
Elastic	Windows.Trojan.Metasploit
ESET-NOD32	a variant of Win32/Inject.NJV
APEX	Malicious
McAfee	Trojan-FTFU!43296C4AC197
Avast	Win32:Meterpreter-C [Trj]
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Trojan:Win32/Swrort.ed3f5210
NANO-Antivirus	Trojan.Win32.Inject4.jozwdf
MicroWorld-eScan	Generic.ShellCode.Marte.3.FEBF157E
Emsisoft	Generic.ShellCode.Marte.3.FEBF157E (B)
F-Secure	Trojan:W32/Payload.A
DrWeb	Trojan.Inject4.30337
Zillya	Trojan.Inject.Win32.318161
TrendMicro	TROJ_SWRORT.SMDSA
McAfeeD	ti!5EFAB529C30F
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.43296c4ac197f6fe
Sophos	ATK/FatRat-J
Ikarus	Trojan.Win32.Inject
Jiangmin	Trojan.Generic.hherp
Webroot	W32.Trojan.Gen
Google	Detected
Avira	TR/Hijacker.Gen
MAX	malware (ai score=83)
Antiy-AVL	Trojan/Win32.Invader
Kingsoft	malware.kb.a.896
Gridinsoft	Trojan.Win32.Downloader.cl
Microsoft	Trojan:Win32/Meterpreter.RPZ!MTB
ViRobot	Trojan.Win.Z.Inject.8704.P
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Win32.Trojan.PSE.10KKVZ1
Varist	W32/Trojan.IIF.gen!Eldorado
AhnLab-V3	Trojan/Win.Generic.R439046
BitDefenderTheta	Gen:NN.ZedlaF.36806.aq4@aS5O3Di
TACHYON	Trojan/W32.Invader.8704
DeepInstinct	MALICIOUS

payload.dll

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All