Summary | ZeroBOX

cntest.exe

Tags: Malicious Library, Antivirus, UPX, Anti_VM, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6403_us
Started Aug. 11, 2024, 2:31 p.m.
Completed Aug. 11, 2024, 3:40 p.m.
Size 1.9MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 738869c1fa8f0d3f5d5d9acbfe7dca9f
SHA256 a5728e04574fbb654584cb0b353852f50ccb28b969a47c93fae116411a165eaa
CRC32 0BD3074D
ssdeep 49152:b84G82Mn1UZPfT5TtQ3v01GBIJWXWZLAAnIZhL4Rxkco5:bCIlQA/Yxkb5
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W64.AIDetectMalware
Elastic malicious (high confidence)
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win64.Downloader.th
ALYac Gen:Variant.Zusy.555247
VIPRE Gen:Variant.Zusy.555247
BitDefender Gen:Variant.Zusy.555247
Cybereason malicious.1fa8f0
Arcabit Trojan.Zusy.D878EF
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/GameHack.JJ potentially unsafe
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
MicroWorld-eScan Gen:Variant.Zusy.555247
Emsisoft Gen:Variant.Zusy.555247 (B)
F-Secure Heuristic.HEUR/AGEN.1371818
McAfeeD ti!A5728E04574F
FireEye Gen:Variant.Zusy.555247
SentinelOne Static AI - Suspicious PE
Google Detected
Avira HEUR/AGEN.1371818
MAX malware (ai score=82)
Antiy-AVL RiskWare/Win64.Gamehack.jj
GData Gen:Variant.Zusy.555247
AhnLab-V3 Malware/Win.Generic.R636917
Malwarebytes Malware.AI.2193996335
Ikarus Trojan.Win32.Generic
AVG Win64:MalwareX-gen [Trj]
alibabacloud Trojan:Win/GameHack.2d406118