x64.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | Aug. 5, 2024, 11:13 a.m. | Aug. 5, 2024, 11:23 a.m. |
-
x64.exe "C:\Users\test22\AppData\Local\Temp\x64.exe"
204
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb |
| section | .didat |
| resource name | PNG |
| file | C:\Users\test22\AppData\Local\Temp\x64\10.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\adfw.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcre-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tucl.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\Hide contents.bat |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trch.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\eth2.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\posh.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcla-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcrecpp-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tibe.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trfo.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\coli-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\iconv.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\cnli-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\crli-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\avtorm.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\3.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\zlib1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\2.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trfo-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\eth1.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcreposix-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trch-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\3.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\ucl.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\PsExec.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tibe-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\zibe.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\netscan.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\riar-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libeay32.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\exma-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\openrdp.bat |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libiconv-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\gpupd.bat |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\riar.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\adfw-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\posh-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\dmgd-4.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tibe-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tucl-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\mimilib.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libcurl.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\mimispool.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\newuser.bat |
| file | C:\Users\test22\AppData\Local\Temp\x64\zexploit.bat |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trfo-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trch-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trfo-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tibe.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\zibe.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\exma-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\netscan.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trfo-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\zlib1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\posh.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcre-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcreposix-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\adfw-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\adfw.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tucl-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\coli-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libxml2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trfo.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trch.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\1.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libiconv-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libcurl.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcrecpp-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\eth1.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\exma.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\trch-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\riar-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\iconv.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\pcla-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\crli-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\PsExec.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\xdvl-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\cnli-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\3.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\eth2.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\ssleay32.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tibe-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\posh-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\riar.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tibe-2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\libeay32.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\_pytrch.pyd |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\2.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\cnli-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\ucl.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\esco-0.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\tucl.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\2.exe |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\dmgd-1.dll |
| file | C:\Users\test22\AppData\Local\Temp\x64\puls\dmgd-4.dll |
| section | {u'size_of_data': u'0x0000e200', u'virtual_address': u'0x00064000', u'entropy': 6.802173495258792, u'name': u'.rsrc', u'virtual_size': u'0x0000e050'} | entropy | 6.80217349526 | description | A section with a high entropy has been found | |||||||||
| Bkav | W32.AIDetectMalware |
| Lionic | Trojan.Win32.Boxter.a!c |
| Elastic | malicious (high confidence) |
| Cynet | Malicious (score: 99) |
| CAT-QuickHeal | HackTool.Mimikatz.M8 |
| Skyhigh | Generic.bte |
| ALYac | Trojan.AgentWDCR.SEY |
| Cylance | Unsafe |
| VIPRE | Heur.BZC.ONG.Boxter.1020.42930F65 |
| Sangfor | PUP.Win32.Mimikatz.Vrew |
| K7AntiVirus | Trojan ( 0001140e1 ) |
| BitDefender | Heur.BZC.ONG.Boxter.1020.42930F65 |
| K7GW | Trojan ( 0001140e1 ) |
| Cybereason | malicious.c60edd |
| Arcabit | Heur.BZC.ONG.Boxter.1020.41EB1CA9 [many] |
| VirIT | PUP.Win32.Mimikatz.BB |
| Symantec | W32.Fixflo.B |
| ESET-NOD32 | multiple detections |
| Avast | Win32:GenMaliciousA-GHG [PUP] |
| ClamAV | Win.Packed.Bladabindi-10017056-0 |
| Kaspersky | HEUR:Trojan-Downloader.BAT.Agent.gen |
| Alibaba | Trojan:Win32/Mimikatz.4b2 |
| NANO-Antivirus | Trojan.Win32.Inject4.jozwdf |
| MicroWorld-eScan | Heur.BZC.ONG.Boxter.1020.42930F65 |
| Rising | Trojan.EquationDrug!8.4782 (KTSE) |
| Emsisoft | Heur.BZC.ONG.Boxter.1020.42930F65 (B) |
| F-Secure | HackTool:W32/NetScan.A |
| DrWeb | Trojan.Inject4.52780 |
| TrendMicro | PUA.Win32.NetScan.A |
| McAfeeD | ti!73FCCE1D5D98 |
| FireEye | Generic.mg.e4b9f59c60edde99 |
| Sophos | Generic Reputation PUA (PUA) |
| Ikarus | Trojan.Rasftuby |
| Detected | |
| Avira | PUA/Mimikatz.xbskc |
| MAX | malware (ai score=84) |
| Antiy-AVL | Trojan[APT]/Win32.Equation |
| Kingsoft | Win32.Troj.Unknown.a |
| Gridinsoft | Malware.U.GenericMC.cc |
| Xcitium | ApplicUnwnt@#qynp99f8xp9r |
| Microsoft | HackTool:Win32/Mimikatz.ESN |
| ZoneAlarm | HEUR:Trojan-Downloader.BAT.Agent.gen |
| GData | Win64.Trojan-Stealer.Mimikatz.J |
| Varist | W32/Netscan.TQQY-4566 |
| DeepInstinct | MALICIOUS |
| VBA32 | Trojan.Agent |
| Malwarebytes | Malware.AI.1496234985 |
| Zoner | Trojan.Win32.63743 |
| TrendMicro-HouseCall | PUA.Win32.NetScan.A |
| Tencent | Bat.Trojan-Downloader.Agent.Lqil |