Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Aug. 5, 2024, 11:03 a.m. | Aug. 5, 2024, 11:20 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
file | C:\Users\test22\AppData\Local\Temp\FCF8.tmp\1.bat |
section | name: UPX1, virtual_address: 0x00011000, virtual_size: 0x00009000, size_of_data: 0x00008600, entropy: 7.952186716626012 | entropy | 7.95218671663 | description | A section with a high entropy has been found |
entropy | 0.943661971831 | description | Overall entropy of this PE file is high |
section | UPX0 | description | Section name indicates UPX |
section | UPX1 | description | Section name indicates UPX |
cmdline | C:\Users\test22\AppData\Local\Temp\FCF8.tmp\1.bat "C:\Users\test22\AppData\Local\Temp\kill.exe" |
file | C:\Users\test22\AppData\Local\Temp\FCF8.tmp\1.bat |
file | C:\Users\test22\AppData\Local\Temp\FCF8.tmp |
file | C:\Users\test22\AppData\Local\Temp\FCF8.tmp\1.bat |
Antivirus | Result |
---|---|
Bkav | W64.AIDetectMalware |
Lionic | Trojan.Win32.Convagent.4!c |
Elastic | malicious (moderate confidence) |
Cynet | Malicious (score: 100) |
Skyhigh | BehavesLike.Win64.Generic.nc |
ALYac | Trojan.GenericKD.63547160 |
Cylance | Unsafe |
VIPRE | Trojan.GenericKD.63547160 |
Sangfor | Trojan.Win32.Convagent.Vxq0 |
K7AntiVirus | Riskware ( 00584baa1 ) |
BitDefender | Trojan.GenericKD.63547160 |
K7GW | Riskware ( 00584baa1 ) |
Cybereason | malicious.960a58 |
VirIT | Backdoor.Win32.Generic.KKE |
Paloalto | generic.ml |
Symantec | ML.Attribute.HighConfidence |
tehtris | Generic.Malware |
APEX | Malicious |
Avast | Win64:Malware-gen |
ClamAV | Win.Trojan.Generic-7440302-0 |
Kaspersky | VHO:Trojan.Win32.Convagent.gen |
Alibaba | Trojan:Win64/Genric.3dc46334 |
MicroWorld-eScan | Trojan.GenericKD.63547160 |
Rising | Trojan.Convagent!8.12323 (CLOUD) |
Emsisoft | Trojan.Agent (A) |
DrWeb | Win32.HLLW.Autoruner2.51353 |
Zillya | Trojan.Convagent.Win32.12552 |
TrendMicro | TROJ_GEN.R002C0PF724 |
McAfeeD | Real Protect-LS!DA72C93960A5 |
FireEye | Generic.mg.da72c93960a58f7f |
Sophos | Generic Reputation PUA (PUA) |
Jiangmin | Trojan/PSW.Ruftar.gcx |
Antiy-AVL | Trojan/Win32.Convagent |
Kingsoft | Win32.Trojan.Convagent.gen |
Arcabit | Trojan.Generic.D3C9A718 |
ZoneAlarm | VHO:Trojan.Win32.Convagent.gen |
GData | Trojan.GenericKD.63547160 |
Varist | W64/ABTrojan.ZTUU-6188 |
AhnLab-V3 | Trojan/Win.RealProtect-LS.C5317323 |
TACHYON | Trojan/W64.SchoolGirl.73216 |
Malwarebytes | Generic.Malware.AI.DDS |
TrendMicro-HouseCall | TROJ_GEN.R002C0PF724 |
MAX | malware (ai score=81) |
Fortinet | W64/CoinMiner.MB!tr |
AVG | Win64:Malware-gen |
Panda | Trj/Chgt.AD |
CrowdStrike | win/malicious_confidence_70% (D) |
alibabacloud | Suspicious |