Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 1, 2024, 10:23 a.m.	July 1, 2024, 10:23 a.m.

Size	71.0MB
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8fb5e72a31680189d9a529b49962a0b1`
SHA256	`4f9ef9f4b90d8e0928a36369e90d912b1f4a3b5afc173cddecb1790aa06cdc74`
CRC32	`C41A4882`
ssdeep	`1572864:jSGOD5R6/+fkA7n5gpO6TlY0C1U9j+JsTiV/Dn5+s24M/:jpODH63A75gpNhY0Cy96Js+VLJU`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

section

_RDATA

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.NukeSped.4!c
ALYac	Backdoor.Agent.status
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win64/NukeSped.d298f49d
K7GW	Trojan ( 005947171 )
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win64/NukeSped.KP
Paloalto	generic.ml
Kaspersky	Trojan-Downloader.Win64.Mint.bam
Rising	Trojan.NukeSped!8.3184 (CLOUD)
F-Secure	Trojan.TR/NukeSped.dggcy
McAfeeD	ti!4F9EF9F4B90D
Sophos	Mal/Generic-S
Google	Detected
Avira	TR/NukeSped.dggcy
MAX	malware (ai score=99)
Kingsoft	Win32.Troj.Unknown.a
Xcitium	Malware@#3q33yszf9i0vw
ZoneAlarm	Trojan-Downloader.Win64.Mint.bam
Varist	W64/ABTrojan.CIXV-6119
AhnLab-V3	Trojan/Win.Lazardoor.R592967
DeepInstinct	MALICIOUS
Tencent	Win64.Trojan-Downloader.Mint.Oqil
alibabacloud	Trojan[downloader]:Win/NukeSped.KX

pconsnap.dll.exe