Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Aug. 2, 2024, 5:18 p.m. | Aug. 2, 2024, 5:23 p.m. |

Process | Command line | PID |
---|---|---|
build_2024-07-24_23-16.exe | "C:\Users\test22\AppData\Local\Temp\build_2024-07-24_23-16.exe" | 1540 |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | .yaren |
section | .lumac |
Resource | Language | Sublanguage | File type | Offset | Size |
---|---|---|---|---|---|
DUKUPIREYAFEHO | LANG_TURKISH | SUBLANG_DEFAULT | ASCII text, with very long lines, with no line terminators | 0x0003c450 | 0x00000bf7 |
RT_ICON (listed 8 times, every entry with this same offset and size) | LANG_TURKISH | SUBLANG_DEFAULT | GLS_BINARY_LSB_FIRST | 0x00045a78 | 0x00000468 |
RT_GROUP_ICON | LANG_TURKISH | SUBLANG_DEFAULT | data | 0x00046250 | 0x00000076 |
Check | Detail | Entropy | Description |
---|---|---|---|
section | .text (virtual address 0x00001000, virtual size 0x000239a3, size of raw data 0x00023a00) | 7.7333 | A section with a high entropy has been found |
PE file | whole file | 0.7090 | Overall entropy of this PE file is high |
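The two entropy findings above, together with the non-standard section names .yaren and .lumac, can be reproduced offline before a sample ever reaches a sandbox. The helper below is added here and is not part of the sandbox report or its signature code. The 7.0-bit per-section threshold, the 0.5 whole-file ratio, the list of standard section names, and the byte buffers in `constructed_sample()` are assumptions; the whole-file figure is modelled as the share of section bytes that sit in high-entropy sections, which may not be the formula behind the report's 0.709.

```python
# Added triage helper, not part of the sandbox report above.
# Recomputes per-section Shannon entropy ("A section with a high entropy has
# been found"), an assumed whole-file high-entropy share, and a check for
# section names outside the usual compiler/linker set (.yaren, .lumac).
import math
import random
from collections import Counter

HIGH_ENTROPY_BITS = 7.0   # assumption: bits/byte above which a section is treated as packed/encrypted
OVERALL_RATIO = 0.5       # assumption: share of section bytes that must be high-entropy to flag the file
STANDARD_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata", ".edata",
                     ".pdata", ".bss", ".tls", ".CRT", ".sxdata", ".didat", ".debug"}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for a constant buffer, 8.0 for uniform random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def triage_sections(sections):
    """sections: iterable of (name, raw_bytes). Returns per-section rows plus file-level verdicts."""
    rows, high_bytes, total_bytes = [], 0, 0
    for name, data in sections:
        ent = shannon_entropy(data)
        rows.append({"name": name, "size": len(data), "entropy": round(ent, 4),
                     "high_entropy": ent > HIGH_ENTROPY_BITS,
                     "unusual_name": name not in STANDARD_SECTIONS})
        total_bytes += len(data)
        if ent > HIGH_ENTROPY_BITS:
            high_bytes += len(data)
    ratio = high_bytes / total_bytes if total_bytes else 0.0
    return {
        "sections": rows,
        "high_entropy_ratio": round(ratio, 4),
        "overall_high": ratio > OVERALL_RATIO,
        "unusual_names": [r["name"] for r in rows if r["unusual_name"]],
    }


def sections_from_file(path):
    """Load (name, bytes) pairs from a real PE using the third-party pefile module."""
    import pefile  # imported here so the rest of the script runs without it installed
    pe = pefile.PE(path)
    return [(s.Name.rstrip(b"\x00").decode("latin-1"), s.get_data()) for s in pe.sections]


def constructed_sample():
    """Constructed stand-in for the sample's layout (not its real bytes): a .text of the
    reported raw size filled with pseudo-random data, the two oddly named sections as
    low-entropy filler, and a small repetitive resource section."""
    rng = random.Random(20240724)
    packed_text = bytes(rng.getrandbits(8) for _ in range(0x23A00))
    return [
        (".text", packed_text),                  # close to 8.0 bits/byte, like a packed .text
        (".yaren", b"\x00" * 0x2000),            # zero-filled: entropy 0.0
        (".lumac", b"ABCD" * 0x800),             # four equiprobable symbols: exactly 2.0 bits/byte
        (".rsrc", b"DUKUPIREYAFEHO" * 200),      # repetitive text, well below the threshold
    ]


if __name__ == "__main__":
    result = triage_sections(constructed_sample())
    for row in result["sections"]:
        flag = " <- high entropy" if row["high_entropy"] else ""
        print(f"{row['name']:<8} {row['size']:>8} bytes  {row['entropy']:.4f}{flag}")
    print("high-entropy share:", result["high_entropy_ratio"], "flag:", result["overall_high"])
    print("non-standard section names:", result["unusual_names"])
```

On a real file, replace `constructed_sample()` with `sections_from_file(path)`; a .text section near 7.7 bits/byte, as reported here, is far above what compiled x86 code produces (typically around 6 to 6.5) and is the usual fingerprint of a packer or crypter stub that unpacks at runtime, which is also why the per-vendor names below disagree so widely.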
Vendor | Detection |
---|---|
Bkav | W32.AIDetectMalware |
Lionic | Trojan.Win32.Crypt.4!c |
Elastic | malicious (high confidence) |
Cynet | Malicious (score: 100) |
CAT-QuickHeal | Ransom.Stop.P5 |
Skyhigh | BehavesLike.Win32.MultiPlug.dc |
McAfee | Artemis!72BCB9136FDE |
Cylance | Unsafe |
VIPRE | Gen:Variant.Midie.151432 |
Sangfor | Trojan.Win32.Kryptik.V7o3 |
K7AntiVirus | Riskware ( 00584baa1 ) |
BitDefender | Gen:Variant.Midie.151432 |
K7GW | Riskware ( 00584baa1 ) |
Symantec | ML.Attribute.HighConfidence |
ESET-NOD32 | a variant of Win32/Kryptik.HXPA |
APEX | Malicious |
Avast | Win32:PWSX-gen [Trj] |
ClamAV | Win.Packed.Smokeloader-10033583-0 |
Kaspersky | HEUR:Trojan.Win32.Crypt.gen |
Alibaba | Backdoor:Win32/Mokes.76df65bc |
MicroWorld-eScan | Gen:Variant.Midie.151432 |
Rising | Trojan.SmokeLoader!1.1001E (CLASSIC) |
Emsisoft | Gen:Variant.Midie.151432 (B) |
F-Secure | Trojan.TR/Crypt.Agent.gcwhe |
DrWeb | Trojan.PWS.Steam.37475 |
TrendMicro | TrojanSpy.Win32.VIDAR.YXEHBZ |
McAfeeD | Real Protect-LS!72BCB9136FDE |
Trapmine | malicious.high.ml.score |
FireEye | Generic.mg.72bcb9136fde10fd |
Sophos | Troj/Krypt-AEE |
SentinelOne | Static AI - Malicious PE |
(vendor name missing from report) | Detected |
Avira | TR/Crypt.Agent.gcwhe |
MAX | malware (ai score=82) |
Antiy-AVL | Trojan[Backdoor]/Win32.Mokes |
Kingsoft | malware.kb.a.1000 |
Gridinsoft | Ransom.Win32.STOP.sa |
Microsoft | Backdoor:Win32/Mokes.GNK!MTB |
ViRobot | Trojan.Win.Z.Mokes.206848 |
ZoneAlarm | HEUR:Trojan.Win32.Crypt.gen |
GData | Win32.Packed.Kryptik.IH4DBM |
Varist | W32/ABTrojan.IERX-0468 |
AhnLab-V3 | Trojan/Win.Generic.R658943 |
BitDefenderTheta | Gen:NN.ZexaF.36810.my0@aKlV0boG |
DeepInstinct | MALICIOUS |
VBA32 | BScope.Exploit.UAC |
Ikarus | Trojan.Win32.Crypt |
Panda | Trj/Genetic.gen |
TrendMicro-HouseCall | TrojanSpy.Win32.VIDAR.YXEHBZ |
Tencent | Win32.Trojan.Crypt.Osmw |