Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Aug. 6, 2024, 9:20 a.m.	Aug. 6, 2024, 9:25 a.m.

Size	38.0KB
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`4d40d90f8bb645e5af06593608a1f21d`
SHA256	`091cab51d77f769c9e40adc8e2a475988f022c5d7b679bcd0aed24c4a95ef1e6`
CRC32	`E1D084E5`
ssdeep	`384:U14J0Ulx958Bg3o6p9U9b0wwpyuXJoJz9QMmn0r0qmMXfd+5b7If/+s9Xu1:UCaUlxoBgM943yuXJogKvY5A+`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check

rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\ann.dll,DllMain
1952
- rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\ann.dll,DllMain
  2112
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\ann.dll,
2052

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

section	.gehcont
section	_RDATA

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.LsassDump.4!c
Skyhigh	Artemis!Trojan
ALYac	Generic.Trojan.LsassDump.D.44A005D8
Cylance	Unsafe
VIPRE	Generic.Trojan.LsassDump.D.44A005D8
BitDefender	Generic.Trojan.LsassDump.D.44A005D8
Arcabit	Generic.Trojan.LsassDump.D.44A005D8
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win64/HackTool.NanoDump.E
McAfee	Artemis!4D40D90F8BB6
Avast	MalwareX-gen [Trj]
Alibaba	HackTool:Win64/NanoDump.e7dc32f7
MicroWorld-eScan	Generic.Trojan.LsassDump.D.44A005D8
Rising	Trojan.CobaltStrike!8.EDF2 (CLOUD)
Emsisoft	Generic.Trojan.LsassDump.D.44A005D8 (B)
TrendMicro	TROJ_GEN.R002C0DH524
McAfeeD	ti!091CAB51D77F
FireEye	Generic.Trojan.LsassDump.D.44A005D8
Sophos	ATK/NanoDump-C
Google	Detected
MAX	malware (ai score=88)
Microsoft	Trojan:Win64/CobaltStrike.UH!MTB
GData	Generic.Trojan.LsassDump.D.44A005D8
Varist	W64/ABApplication.DTWH-6696
DeepInstinct	MALICIOUS
Ikarus	Trojan.Win64.Hacktool
TrendMicro-HouseCall	TROJ_GEN.R002C0DH524
AVG	MalwareX-gen [Trj]
alibabacloud	HackTool:Win/NanoDump.E

ann.dll