pic2.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | June 25, 2024, 7:53 a.m. | June 25, 2024, 7:55 a.m. |
-
pic2.exe "C:\Users\test22\AppData\Local\Temp\pic2.exe"
2560
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | .vmp\xc2\x9dt\xc3 |
| section | {u'size_of_data': u'0x00271c00', u'virtual_address': u'0x00158000', u'entropy': 7.971632567843599, u'name': u'.vmp\\xc2\\x9dt\\xc3', u'virtual_size': u'0x00271b50'} | entropy | 7.97163256784 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.910844250364 | description | Overall entropy of this PE file is high | |||||||||||
| section | .vmp\xc2\x9dt\xc3 | description | Section name indicates VMProtect | ||||||
| section | .vmp\xc2\x9dt\xc3 | description | Section name indicates VMProtect | ||||||
| section | .vmp\xc2\x9dt\xc3 | description | Section name indicates VMProtect | ||||||
| Bkav | W32.AIDetectMalware |
| Elastic | malicious (high confidence) |
| Cynet | Malicious (score: 100) |
| Cylance | Unsafe |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win32/Packed.VMProtect.BG suspicious |
| Kaspersky | VHO:Trojan.Win32.Sdum.gen |
| Rising | Trojan.Generic@AI.97 (RDMK:cmRtazqNwNER12ofNRXvtXBxQRjY) |
| McAfeeD | ti!E03AD208CD03 |
| Trapmine | malicious.high.ml.score |
| Gridinsoft | Trojan.Heur!.00210281 |
| Microsoft | Trojan:Win32/Wacatac.B!ml |
| ZoneAlarm | VHO:Trojan.Win32.Sdum.gen |
| AhnLab-V3 | Suspicious/Win.MalPe.X2200 |
| BitDefenderTheta | Gen:NN.ZexaF.36808.TI2@ayuRDF |
| DeepInstinct | MALICIOUS |
| VBA32 | BScope.TrojanSpy.LClipper |
| MaxSecure | Trojan.Malware.300983.susgen |