Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 11, 2024, 2:32 p.m.	Aug. 11, 2024, 3:04 p.m.

Size	1.9MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`444227bb8425c40230c70a0312b34d9e`
SHA256	`bbbba55fdd6cbc5ae4e2c45260327d608fae5483f793cb476538652a78730f8c`
CRC32	`F1BAA64E`
ssdeep	`49152:fYTPYIh1ihlecNwNAT0qNQ5R6NFXzZhQsnk44Rxkc25:fYTf1T57QYxkl5`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) Antivirus - Contains references to security software anti_vm_detect - Possibly employs anti-virtualization techniques UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
212.47.253.124	Active	Moloch

No Suricata Alerts

No Suricata TLS

host

212.47.253.124

Bkav	W64.AIDetectMalware
Elastic	malicious (high confidence)
Skyhigh	BehavesLike.Win64.Downloader.th
ALYac	Gen:Variant.Zusy.555247
VIPRE	Gen:Variant.Zusy.555247
BitDefender	Gen:Variant.Zusy.555247
Cybereason	malicious.b8425c
Arcabit	Trojan.Zusy.D878EF
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win64/GameHack.JJ potentially unsafe
APEX	Malicious
Avast	Win64:TrojanX-gen [Trj]
MicroWorld-eScan	Gen:Variant.Zusy.555247
Emsisoft	Gen:Variant.Zusy.555247 (B)
FireEye	Gen:Variant.Zusy.555247
Google	Detected
MAX	malware (ai score=81)
Antiy-AVL	RiskWare/Win64.Gamehack.jj
Microsoft	Program:Win32/Wacapew.C!ml
GData	Gen:Variant.Zusy.555247
AhnLab-V3	Malware/Win.Generic.R639555
Malwarebytes	Malware.AI.1144405436
Ikarus	Trojan.Win32.Generic
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win64:TrojanX-gen [Trj]

blued2.exe