Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | June 14, 2024, 9:15 a.m. | June 14, 2024, 9:19 a.m. |
setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe "C:\Users\test22\AppData\Local\Temp\setup%E7%9B%AE%E5%BD%95%E8%A1%A8%E6%A0%BC%E5%90%8D%E5%8D%956001.exe"
2556
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
8.138.11.176 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | name: .rsrc, virtual_address: 0x00010000, virtual_size: 0x0000e984, size_of_data: 0x0000ea00, entropy: 7.329480318321902 | entropy | 7.32948031832 | description | A section with a high entropy has been found |
entropy | 0.585 | description | Overall entropy of this PE file is high |
host | 8.138.11.176 |
Elastic | malicious (high confidence) |
Cylance | Unsafe |
ESET-NOD32 | a variant of Win64/TrojanDownloader.Agent.AVD |
Kaspersky | UDS:DangerousObject.Multi.Generic |
Rising | Downloader.Agent!8.B23 (CLOUD) |
McAfeeD | ti!7DBA56FBF54F |
FireEye | Generic.mg.b8cc81e57efd30ca |
Sophos | Mal/Generic-S |
Ikarus | Win32.Outbreak |
Kingsoft | Win32.Trojan-Downloader.Agent.a |
Microsoft | Trojan:Win32/Wacatac.B!ml |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
DeepInstinct | MALICIOUS |
MaxSecure | Trojan.Malware.300983.susgen |
Paloalto | generic.ml |
CrowdStrike | win/malicious_confidence_70% (W) |
dead_host | 8.138.11.176:80 |