Summary | ZeroBOX

UpdaterLOC.dll

Swrort Malicious Library PE32 DLL PE File
Category FILE
Machine s1_win7_x6401
Started July 4, 2024, 4:55 p.m.
Completed July 4, 2024, 4:59 p.m.
Size 8.5KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 d5f8785aedca631c7c8e123dc0e6e35f
SHA256 f83bee2e9d7c8ead88c3d0b761339bfa232e14803608a17e60582516e6559ae0
CRC32 B1ABC53E
ssdeep 48:qUr3zU9G4aNVhnX5hthMt6dO28xZMEvCHPAPb:+DIibzs
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • Swrort - Trojan:Win32/Meterpreter

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware
Elastic Windows.Trojan.Metasploit
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.GenericRI.S28877354
Skyhigh BehavesLike.Win32.Generic.xz
McAfee Trojan-FTFU!D5F8785AEDCA
Cylance Unsafe
VIPRE Generic.ShellCode.Marte.3.C129BEF3
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 005aac371 )
BitDefender Generic.ShellCode.Marte.3.C129BEF3
K7GW Trojan ( 005aac371 )
Arcabit Generic.ShellCode.Marte.3.C129BEF3
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Inject.NJV
APEX Malicious
Avast Win32:MsfShell-C [Trj]
Kaspersky HEUR:Trojan.Win32.Generic
NANO-Antivirus Trojan.Win32.Inject4.jozwdf
MicroWorld-eScan Generic.ShellCode.Marte.3.C129BEF3
Rising Backdoor.CobaltStrike!1.DEDE (RDMK:cmRtazqdEd61r1DVnUxSEel0s0TY)
Emsisoft Generic.ShellCode.Marte.3.C129BEF3 (B)
F-Secure Trojan:W32/Payload.A
DrWeb Trojan.Inject4.30337
Zillya Trojan.Inject.Win32.318161
TrendMicro TROJ_SWRORT.SMDSA
McAfeeD ti!F83BEE2E9D7C
Trapmine malicious.high.ml.score
FireEye Generic.mg.d5f8785aedca631c
Sophos ATK/FatRat-J
Ikarus Trojan.Win32.Inject
Jiangmin Trojan.Generic.hherp
Webroot W32.Trojan.Gen
Google Detected
Avira TR/Hijacker.Gen
MAX malware (ai score=87)
Antiy-AVL Trojan/Win32.Invader
Microsoft Trojan:Win32/Meterpreter.RPZ!MTB
ZoneAlarm HEUR:Trojan.Win32.Generic
GData Win32.Trojan.PSE.M9A40B
Varist W32/Trojan.IIF.gen!Eldorado
AhnLab-V3 Trojan/Win.Generic.R439046
BitDefenderTheta Gen:NN.ZedlaF.36808.aq4@aS5O3Di
TACHYON Trojan/W32.Invader.8704
DeepInstinct MALICIOUS
VBA32 BScope.Trojan.Invader
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/Genetic.gen
TrendMicro-HouseCall TROJ_SWRORT.SMDSA
Yandex Trojan.Agent!qMd20PDGUj4