setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | June 14, 2024, 9:15 a.m. | June 14, 2024, 9:17 a.m. |
-
setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe "C:\Users\test22\AppData\Local\Temp\setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe"
2576
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 8.138.14.211 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| Elastic | malicious (high confidence) |
| Kaspersky | VHO:Trojan.Win32.Injuke.gen |
| Trapmine | malicious.moderate.ml.score |
| Microsoft | Trojan:Win32/Sabsik.RD.A!ml |
| ZoneAlarm | VHO:Trojan.Win32.Injuke.gen |
| MaxSecure | Trojan.Malware.300983.susgen |
| section | {u'size_of_data': u'0x00013600', u'virtual_address': u'0x00020000', u'entropy': 7.962624758446382, u'name': u'.rsrc', u'virtual_size': u'0x000135b0'} | entropy | 7.96262475845 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.421195652174 | description | Overall entropy of this PE file is high | |||||||||||
| host | 8.138.14.211 | |||
| dead_host | 8.138.14.211:80 |