Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | July 9, 2024, 9:53 a.m. | July 9, 2024, 9:55 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .tuducuj |
section | .lejaci |
section | .labanaz |
resource name | DEMAFE |
name | DEMAFE | language | LANG_TURKISH | filetype | ASCII text, with very long lines, with no line terminators | sublanguage | SUBLANG_DEFAULT | offset | 0x000caee8 | size | 0x000003fa | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_ICON | language | LANG_TURKISH | filetype | GLS_BINARY_LSB_FIRST | sublanguage | SUBLANG_DEFAULT | offset | 0x000caa08 | size | 0x00000468 | ||||||||||||||||||
name | RT_GROUP_ICON | language | LANG_TURKISH | filetype | data | sublanguage | SUBLANG_DEFAULT | offset | 0x000cae70 | size | 0x00000076 |
section | {u'size_of_data': u'0x00024e00', u'virtual_address': u'0x00001000', u'entropy': 7.741348783396511, u'name': u'.text', u'virtual_size': u'0x00024c73'} | entropy | 7.7413487834 | description | A section with a high entropy has been found | |||||||||
entropy | 0.671981776765 | description | Overall entropy of this PE file is high |
Bkav | W32.AIDetectMalware |
Cynet | Malicious (score: 100) |
Skyhigh | BehavesLike.Win32.Corrupt.dc |
Cylance | Unsafe |
K7AntiVirus | Trojan ( 005afea61 ) |
K7GW | Trojan ( 005afea61 ) |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
APEX | Malicious |
Kaspersky | VHO:Trojan-PSW.Win32.Tepfer.gen |
Rising | Stealer.Tepfer!8.13357 (TFE:dGZlOgU3XHzCotVAEg) |
McAfeeD | Real Protect-LS!91127BCBE518 |
Trapmine | malicious.high.ml.score |
FireEye | Generic.mg.91127bcbe5188037 |
Sophos | Troj/Krypt-AEE |
Detected | |
Kingsoft | malware.kb.a.1000 |
Microsoft | Trojan:Win32/Smokeloader.GZZ!MTB |
ZoneAlarm | VHO:Trojan-PSW.Win32.Tepfer.gen |
AhnLab-V3 | Trojan/Win.PWSX-gen.R648805 |
BitDefenderTheta | Gen:NN.ZexaF.36808.nG0@aOCaRUnG |
DeepInstinct | MALICIOUS |
SentinelOne | Static AI - Malicious PE |
MaxSecure | Trojan.Malware.300983.susgen |