Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 12, 2024, 9:41 a.m.	Aug. 12, 2024, 9:44 a.m.

Size	7.9MB
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`677ad736788d93b76ca77717706a8176`
SHA256	`8ef1d24500ab75ee2ebde59ea01df3a168b41d9d7e987ae843c1188ec7dac49f`
CRC32	`8BEA82A8`
ssdeep	`49152:Imo7Co7xWaVpuCaqn1FmIV6Oi+eVw3HaRAGx3ycrcj/ushk8JZSjkE5E64Lo8QXs:w/VhZ0CLwEmCPaDy3B51VX`
Yara	DllRegisterServer_Zero - execute regsvr32.exe Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check

66b0ee142cf8f_PhotosExifEditor.exe "C:\Users\test22\AppData\Local\Temp\66b0ee142cf8f_PhotosExifEditor.exe"
2556

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.WinGo.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.73795632
CAT-QuickHeal	Trojan.MSIL
ALYac	Trojan.GenericKD.73795632
Cylance	Unsafe
VIPRE	Trojan.GenericKD.73795632
Sangfor	Dropper.Msil.Wingo.Von3
K7AntiVirus	Trojan ( 005b86ad1 )
BitDefender	Trojan.GenericKD.73795632
K7GW	Trojan ( 005b86ad1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of WinGo/TrojanDropper.Agent.DS
Avast	Win64:Malware-gen
Cynet	Malicious (score: 99)
Kaspersky	Trojan.MSIL.Agent.qwiure
Alibaba	TrojanDropper:MSIL/Genric.9fe65e76
Rising	Trojan.Agent!1.F9CC (CLASSIC)
Emsisoft	Trojan.GenericKD.73795632 (B)
F-Secure	Trojan.TR/AVI.Agent.xlocs
McAfeeD	ti!8EF1D24500AB
FireEye	Trojan.GenericKD.73795632
Sophos	Mal/Generic-S
SentinelOne	Static AI - Suspicious PE
Google	Detected
Avira	TR/AVI.Agent.xlocs
MAX	malware (ai score=80)
Antiy-AVL	Trojan/Win32.Caynamer
Kingsoft	MSIL.Trojan.Agent.gen
ZoneAlarm	Trojan.MSIL.Agent.qwiure
GData	Trojan.GenericKD.73795632
Varist	W64/Agent.IKW.gen!Eldorado
DeepInstinct	MALICIOUS
Malwarebytes	Malware.AI.4223945259
Ikarus	Trojan.WinGo.Agent
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H0CH924
Tencent	Msil.Trojan.Agent.Xdkl
huorong	HEUR:TrojanDropper/Agent.up
Fortinet	W32/Agent.ds!tr
AVG	Win64:Malware-gen
Paloalto	generic.ml
alibabacloud	Trojan[dropper]:Multi/Agent.DB

66b0ee142cf8f_PhotosExifEditor.exe