Summary | ZeroBOX

123123123

UPX PE32 PE File
Category FILE
Machine s1_win7_x6403_us
Started July 31, 2024, 10:16 a.m.
Completed July 31, 2024, 10:17 a.m.
Size 193.2KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 73afff7e03cd55b7bc02151da0782e7b
SHA256 2c167bb116d27576beed8d229b2d364a79b57acca36e185bd11c9576ae4b7b98
CRC32 191323DF
ssdeep 768:csfY5DRtOhVkzDOWsfY5DRtOhVkzDOESItdsfY5DRtOhVkzDO7FsfY5DRtOhVkzC:cz+kOWz+kOkz+kOBz+kO
PDB Path BthUdTask.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path BthUdTask.pdb
section .didat
resource name MUI
Bkav W32.Common.1532C27B
Lionic Trojan.Win32.Lumma.4!c
Elastic malicious (moderate confidence)
Cynet Malicious (score: 99)
Skyhigh Artemis!Trojan
Sangfor Trojan.JS.Agent.V8r4
K7AntiVirus Trojan ( 005b37251 )
K7GW Trojan ( 005b37251 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of JS/Agent.RNX
McAfee Artemis!73AFFF7E03CD
Avast Win32:Lumma-E [Drp]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:JS/Lumma.36daf95e
Rising Trojan.Agent/JS!8.11351 (CLOUD)
F-Secure Malware.JS/Agent.kabsx
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEG4Z
McAfeeD ti!2C167BB116D2
Sophos Mal/Generic-S
Ikarus Trojan.JS.Agent
Google Detected
Avira JS/Agent.kabsx
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Ransom.Win32.Wacatac.sa
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Win32.Trojan.Agent.9E4TKO
Panda Trj/Chgt.AD
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEG4Z
Fortinet W32/Agent.DAT!tr
AVG Win32:Lumma-E [Drp]
alibabacloud Trojan:Javascript/Agent.RTF