Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6401 | Aug. 4, 2024, 1:19 p.m. | Aug. 4, 2024, 1:23 p.m. |
-
%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C_%E5%AD%A4%E5%B2%9B%E6%83%8A%E9%AD%823.exe "C:\Users\test22\AppData\Local\Temp\%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C_%E5%AD%A4%E5%B2%9B%E6%83%8A%E9%AD%823.exe"
2636
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
section | {u'size_of_data': u'0x005aa200', u'virtual_address': u'0x00a7b000', u'entropy': 7.8919928633257435, u'name': u'UPX1', u'virtual_size': u'0x005ab000'} | entropy | 7.89199286333 | description | A section with a high entropy has been found | |||||||||
entropy | 0.999913807964 | description | Overall entropy of this PE file is high |
section | UPX0 | description | Section name indicates UPX | ||||||
section | UPX1 | description | Section name indicates UPX | ||||||
section | UPX2 | description | Section name indicates UPX |
Bkav | W64.AIDetectMalware |
Cynet | Malicious (score: 100) |
Skyhigh | BehavesLike.Win64.CoinMiner.tc |
Cylance | Unsafe |
Sangfor | Trojan.Win32.Save.a |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (moderate confidence) |
ESET-NOD32 | a variant of WinGo/Kryptik.FF |
APEX | Malicious |
Avast | Win64:Evo-gen [Trj] |
Kaspersky | UDS:DangerousObject.Multi.Generic |
Alibaba | Trojan:Win64/ShellcodeRunner.0fcf943c |
Rising | Trojan.Agent!1.FF00 (CLOUD) |
McAfeeD | ti!EFC9E08763B0 |
Sophos | Mal/Generic-S |
Ikarus | Trojan.WinGo.Injector |
Detected | |
Antiy-AVL | GrayWare/Win32.Kryptik.ffp |
Kingsoft | Win32.Hack.Undef.a |
Microsoft | Trojan:Win32/Wacatac.B!ml |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
GData | Win64.Trojan.Agent.11K231 |
Varist | W64/Agent.FXW.gen!Eldorado |
McAfee | Artemis!DC481056E653 |
DeepInstinct | MALICIOUS |
Panda | Trj/Chgt.AD |
TrendMicro-HouseCall | TROJ_GEN.R014H01H324 |
MaxSecure | Trojan.Malware.300983.susgen |
AVG | Win64:Evo-gen [Trj] |
CrowdStrike | win/malicious_confidence_60% (W) |
alibabacloud | Trojan:Multi/ShellcodeRunner.GXZ#3DGW |