offic%E8%A1%A8%E6%A0%BCluck.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | July 7, 2024, 6:47 p.m. | July 7, 2024, 6:50 p.m. |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| resource name | ADOBE |
| resource name | MSC |
| resource name | UNINS000 |
| name | ADOBE | language | LANG_CHINESE | filetype | empty | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0071ed50 | size | 0x01492ff0 | ||||||||||||||||||
| name | MSC | language | LANG_CHINESE | filetype | empty | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x00306750 | size | 0x00418600 | ||||||||||||||||||
| name | UNINS000 | language | LANG_CHINESE | filetype | empty | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x0000b2f0 | size | 0x002fb45f | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9604 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9604 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9604 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9604 | size | 0x00000468 | ||||||||||||||||||
| name | RT_ICON | language | LANG_CHINESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9604 | size | 0x00000468 | ||||||||||||||||||
| name | RT_GROUP_ICON | language | LANG_CHINESE | filetype | data | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9a70 | size | 0x0000004c | ||||||||||||||||||
| name | RT_VERSION | language | LANG_CHINESE | filetype | COM executable for DOS | sublanguage | SUBLANG_CHINESE_SIMPLIFIED | offset | 0x01be9ac0 | size | 0x000002b8 | ||||||||||||||||||
| section | {u'size_of_data': u'0x00b31800', u'virtual_address': u'0x0109e000', u'entropy': 7.944772016502591, u'name': u'UPX1', u'virtual_size': u'0x00b32000'} | entropy | 7.9447720165 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.990922451803 | description | Overall entropy of this PE file is high | |||||||||||
| section | UPX0 | description | Section name indicates UPX | ||||||
| section | UPX1 | description | Section name indicates UPX | ||||||
| Bkav | W64.AIDetectMalware |
| Lionic | Trojan.Win32.Shellcode.4!c |
| Cynet | Malicious (score: 99) |
| Skyhigh | BehavesLike.Win64.Generic.wc |
| ALYac | Trojan.GenericKD.73311089 |
| Cylance | Unsafe |
| VIPRE | Trojan.GenericKD.73311089 |
| Sangfor | Trojan.Win32.Kryptik.V4p7 |
| K7AntiVirus | Riskware ( 00584baa1 ) |
| BitDefender | Trojan.GenericKD.73311089 |
| K7GW | Riskware ( 00584baa1 ) |
| Arcabit | Trojan.Generic.D45EA371 |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win64/Kryptik.CWU |
| McAfee | Artemis!06592A8CA068 |
| Avast | Win64:CrypterX-gen [Trj] |
| Kaspersky | Trojan.Win32.Shellcode.is |
| MicroWorld-eScan | Trojan.GenericKD.73311089 |
| Rising | Trojan.Kryptik!8.8 (TFE:5:LF6lrnsStYC) |
| Emsisoft | Trojan.GenericKD.73311089 (B) |
| F-Secure | Trojan.TR/Kryptik.aygdi |
| TrendMicro | TROJ_GEN.R023C0XG224 |
| McAfeeD | ti!ACCE6A3F4A8D |
| FireEye | Trojan.GenericKD.73311089 |
| Sophos | Mal/Generic-S |
| Ikarus | Trojan.Win64.Crypt |
| Webroot | W32.Trojan.GenKD |
| Detected | |
| Avira | TR/Kryptik.aygdi |
| Antiy-AVL | Trojan/Win64.Kryptik |
| Kingsoft | Win32.Trojan.Shellcode.is |
| Xcitium | Malware@#1kjjsv0kxllxl |
| Microsoft | Trojan:Win32/Casdet!rfn |
| ZoneAlarm | Trojan.Win32.Shellcode.is |
| GData | Trojan.GenericKD.73311089 |
| Varist | W64/ABTrojan.MYMG-7580 |
| AhnLab-V3 | Trojan/Win.Generic.C5647784 |
| DeepInstinct | MALICIOUS |
| Malwarebytes | Malware.AI.2952217951 |
| Panda | Trj/Chgt.AD |
| TrendMicro-HouseCall | TROJ_GEN.R023C0XG224 |
| Tencent | Malware.Win32.Gencirc.10c00aff |
| MAX | malware (ai score=80) |
| MaxSecure | Trojan.Malware.267181580.susgen |
| Fortinet | W64/Kryptik.CWU!tr |
| AVG | Win64:CrypterX-gen [Trj] |
| Paloalto | generic.ml |
| CrowdStrike | win/malicious_confidence_70% (D) |
| alibabacloud | Trojan:Win/Shellcode.iv |