Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | July 7, 2024, 7:24 p.m. | July 7, 2024, 7:26 p.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
resource name | AFX_DIALOG_LAYOUT |
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_JAPANESE | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x003a2f80 | size | 0x00000468 | ||||||||||||||||||
name | RT_STRING | language | LANG_JAPANESE | filetype | data | sublanguage | SUBLANG_DEFAULT | offset | 0x003a7dd0 | size | 0x00000210 | ||||||||||||||||||
name | RT_STRING | language | LANG_JAPANESE | filetype | data | sublanguage | SUBLANG_DEFAULT | offset | 0x003a7dd0 | size | 0x00000210 | ||||||||||||||||||
name | RT_STRING | language | LANG_JAPANESE | filetype | data | sublanguage | SUBLANG_DEFAULT | offset | 0x003a7dd0 | size | 0x00000210 | ||||||||||||||||||
name | RT_GROUP_ICON | language | LANG_JAPANESE | filetype | data | sublanguage | SUBLANG_DEFAULT | offset | 0x003a33e8 | size | 0x00000068 |
section | {u'size_of_data': u'0x0002ea00', u'virtual_address': u'0x00019000', u'entropy': 7.892928174071902, u'name': u'.data', u'virtual_size': u'0x00383468'} | entropy | 7.89292817407 | description | A section with a high entropy has been found | |||||||||
entropy | 0.572964669739 | description | Overall entropy of this PE file is high |
Bkav | W32.AIDetectMalware |
Lionic | Trojan.Win32.StopCrypt.4!c |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 100) |
Skyhigh | BehavesLike.Win32.Lockbit.fc |
ALYac | Gen:Variant.Midie.147901 |
Cylance | Unsafe |
VIPRE | Gen:Variant.Midie.147901 |
Sangfor | Trojan.Win32.Save.a |
K7AntiVirus | Ransomware ( 0053d5971 ) |
BitDefender | Gen:Variant.Midie.147901 |
K7GW | Ransomware ( 0053d5971 ) |
Cybereason | malicious.2f4329 |
Arcabit | Trojan.Midie.D241BD |
VirIT | Trojan.Win32.Tepfer.AA |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Win32/Kryptik.HXBC |
APEX | Malicious |
McAfee | Artemis!84D89662F432 |
Avast | Win32:RansomX-gen [Ransom] |
ClamAV | Win.Packer.pkr_ce1a-9980177-0 |
Kaspersky | HEUR:Trojan.Win32.Chapak.gen |
Alibaba | Ransom:Win32/StopCrypt.e3720dba |
SUPERAntiSpyware | Trojan.Agent/Gen-Tepfer |
MicroWorld-eScan | Gen:Variant.Midie.147901 |
Rising | Trojan.SmokeLoader!1.F6B2 (CLASSIC) |
Emsisoft | Gen:Variant.Midie.147901 (B) |
F-Secure | Trojan.TR/AVI.AceCrypter.gtsog |
DrWeb | Trojan.Packed2.46867 |
Zillya | Trojan.Kryptik.Win32.4789693 |
TrendMicro | Ransom_StopCrypt.R03BC0DEG24 |
McAfeeD | Real Protect-LS!84D89662F432 |
Trapmine | malicious.high.ml.score |
FireEye | Generic.mg.84d89662f4329f2f |
Sophos | Troj/Krypt-VK |
Ikarus | Trojan.Win32.Danabot |
Jiangmin | TrojanSpy.Windigo.art |
Detected | |
Avira | TR/AVI.AceCrypter.gtsog |
MAX | malware (ai score=80) |
Antiy-AVL | Trojan/Win32.Kryptik |
Kingsoft | Win32.Trojan.Generic.a |
Gridinsoft | Ransom.Win32.STOP.dg!n |
Microsoft | Ransom:Win32/StopCrypt.AAX!MTB |
ViRobot | Trojan.Win.Z.Midie.334336.D |
ZoneAlarm | HEUR:Trojan.Win32.Chapak.gen |
GData | Win32.Trojan.PSE.1V2RK4Q |
Varist | W32/Kryptik.LVP.gen!Eldorado |
AhnLab-V3 | Ransomware/Win.StopCrypt.R648426 |
BitDefenderTheta | Gen:NN.ZexaF.36808.uq0@aaj9VTjG |