Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 26, 2024, 11:57 a.m.	July 26, 2024, 12:09 p.m.

Size	20.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`eed7347593de2141727d3960041d8c8e`
SHA256	`6c19c61dd69a8628e38246fc2ce05cee66967eb36f49bde4797892f441b10cad`
CRC32	`198F25AE`
ssdeep	`384:D/piPNDeVU9iCUAdAAtlYxJ4JVB00FXMSKR:EPNaVUhU+LYOvFX`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file

peinf.exe "C:\Users\test22\AppData\Local\Temp\peinf.exe"
2548

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
45.33.6.223	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Communicates with host for which no DNS query was performed (1 event)

host

45.33.6.223

File has been identified by 54 AntiVirus engines on VirusTotal as malicious (50 out of 54 events)

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Patched.trwY
Cynet	Malicious (score: 99)
Skyhigh	BehavesLike.Win32.Generic.mm
ALYac	Gen:Variant.Ransom.GandCrab.2664
Cylance	Unsafe
VIPRE	Gen:Variant.Ransom.GandCrab.2664
Sangfor	Downloader.Win32.GandCrab.Vslo
K7AntiVirus	Trojan-Downloader ( 005b43121 )
BitDefender	Gen:Variant.Ransom.GandCrab.2664
K7GW	Trojan-Downloader ( 005b43121 )
Cybereason	malicious.593de2
Arcabit	Trojan.Ransom.GandCrab.DA68
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/TrojanDownloader.Agent_AGen.GG
APEX	Malicious
McAfee	Trojan-FWOA!EED7347593DE
Avast	Win32:MalwareX-gen [Trj]
Kaspersky	HEUR:Virus.Win32.Zeropi.gen
Alibaba	TrojanDownloader:Win32/GandCrab.c9c98f88
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
MicroWorld-eScan	Gen:Variant.Ransom.GandCrab.2664
Rising	Trojan.Phorpiex!1.EB7A (CLASSIC)
Emsisoft	Gen:Variant.Ransom.GandCrab.2664 (B)
F-Secure	Trojan.TR/AD.Phorpiex.ybjxr
DrWeb	Trojan.DownLoader46.2135
Zillya	Downloader.AgentAGen.Win32.24465
TrendMicro	TROJ_GEN.R002C0DGP24
McAfeeD	ti!6C19C61DD69A
FireEye	Gen:Variant.Ransom.GandCrab.2664
Sophos	Mal/Generic-S
Google	Detected
Avira	TR/AD.Phorpiex.ybjxr
MAX	malware (ai score=84)
Antiy-AVL	Trojan/Win32.GandCrab
Kingsoft	Win32.Virus.Zeropi.gen
Gridinsoft	Ransom.Win32.Gandcrab.sa
Microsoft	Trojan:Win32/GandCrab.NA!MTB
ZoneAlarm	HEUR:Virus.Win32.Zeropi.gen
GData	Win32.Trojan.PSE.17C6J32
AhnLab-V3	Malware/Win.Generic.C5472676
DeepInstinct	MALICIOUS
VBA32	BScope.Worm.Propriex
Malwarebytes	Trojan.Downloader
Ikarus	Trojan.Win32.Krypt
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DGP24
Tencent	Malware.Win32.Gencirc.11c2ee4d
huorong	TrojanDownloader/W64.MalDownload.a

peinf.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All