Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 11, 2024, 9:18 a.m.	July 11, 2024, 9:24 a.m.

Size	8.6MB
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`0e9459f87d4d72ca3f3fb54af7432de9`
SHA256	`c4452b42ae44c837bb125fa539edfd57241aff7f40c63365ff4cde0d9a823f44`
CRC32	`0EDF3D4F`
ssdeep	`49152:4kmANd/Zz39voeJAg/Bst+YhOQz4W3FlFPyHF80WBh5OIm/tJe34jcH5EGgMLhZk:Uoh3FJBWz4W1lFbBnPE6wUa7nPF`
Yara	DllRegisterServer_Zero - execute regsvr32.exe Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Bkav	W64.AIDetectMalware
Elastic	malicious (high confidence)
Cynet	Malicious (score: 99)
Cylance	Unsafe
Sangfor	Trojan.Win32.Agent.Vyn6
K7AntiVirus	Trojan ( 005b177d1 )
K7GW	Trojan ( 005b177d1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of WinGo/Agent.VY
McAfee	Artemis!0E9459F87D4D
Avast	Win64:Malware-gen
Kaspersky	UDS:DangerousObject.Multi.Generic
Rising	Trojan.Agent!1.F9CC (CLASSIC)
F-Secure	Trojan.TR/AVI.Agent.ykdhp
TrendMicro	Trojan.Win64.AMADEY.YXEGJZ
Sophos	Mal/Generic-S
Ikarus	Trojan.WinGo.Agent
Google	Detected
Avira	TR/AVI.Agent.ykdhp
Kingsoft	MSIL.Trojan.Agent.gen
Microsoft	Trojan:Win32/LummaStealer.MWW!MTB
ZoneAlarm	UDS:DangerousObject.Multi.Generic
Varist	W64/Agent.IKW.gen!Eldorado
DeepInstinct	MALICIOUS
Malwarebytes	Malware.AI.2919491309
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	Trojan.Win64.AMADEY.YXEGJZ
SentinelOne	Static AI - Suspicious PE
Fortinet	W64/Agent.VY!tr
AVG	Win64:Malware-gen
Paloalto	generic.ml
alibabacloud	Trojan:Multi/Agent.VN

1qWbf4Bsej2u.exe