setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | June 14, 2024, 9:15 a.m. | June 14, 2024, 9:19 a.m. |
-
setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe "C:\Users\test22\AppData\Local\Temp\setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe"
2556
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 8.138.11.176 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | {u'size_of_data': u'0x0000ea00', u'virtual_address': u'0x00010000', u'entropy': 7.329480318321902, u'name': u'.rsrc', u'virtual_size': u'0x0000e984'} | entropy | 7.32948031832 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.585 | description | Overall entropy of this PE file is high | |||||||||||
| host | 8.138.11.176 | |||
| Elastic | malicious (high confidence) |
| Cylance | Unsafe |
| ESET-NOD32 | a variant of Win64/TrojanDownloader.Agent.AVD |
| Kaspersky | UDS:DangerousObject.Multi.Generic |
| Rising | Downloader.Agent!8.B23 (CLOUD) |
| McAfeeD | ti!7DBA56FBF54F |
| FireEye | Generic.mg.b8cc81e57efd30ca |
| Sophos | Mal/Generic-S |
| Ikarus | Win32.Outbreak |
| Kingsoft | Win32.Trojan-Downloader.Agent.a |
| Microsoft | Trojan:Win32/Wacatac.B!ml |
| ZoneAlarm | UDS:DangerousObject.Multi.Generic |
| DeepInstinct | MALICIOUS |
| MaxSecure | Trojan.Malware.300983.susgen |
| Paloalto | generic.ml |
| CrowdStrike | win/malicious_confidence_70% (W) |
| dead_host | 8.138.11.176:80 |