Summary | ZeroBOX

sahost.exe

Suspicious_Script_Bin NSIS Malicious Library UPX Anti_VM PE File DLL PE32
Category FILE
Machine s1_win7_x6401
Started Aug. 13, 2024, 5:07 p.m.
Completed Aug. 13, 2024, 5:09 p.m.
Size 499.8KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 29e3de6b17d0fdfb360834f038b59a39
SHA256 8cf6a3d7e5694a0453d85e67a038bb5804b6eb8969287f1d021bdb7b95234e9d
CRC32 406C99E7
ssdeep 6144:AYa6iWDISW500H8LI/xMccQ/4Fizd/zyH1sGzZYhP2C1PWPYmZBP7PRcJnPGiE+t:AYM0aHqJQwFizxzSiGu2suKPGWUUrTb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • NSIS_Installer - Null Soft Installer
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .ndata
file C:\Users\test22\AppData\Local\Temp\nsm68E8.tmp\LangDLL.dll
file C:\Users\test22\AppData\Local\Temp\nsm68E8.tmp\System.dll
Bkav W32.AIDetectMalware
Elastic malicious (moderate confidence)
Sangfor Trojan.Win32.Agent.Vijg
Symantec Trojan.Gen.MBT
ESET-NOD32 NSIS/Injector.CWE
APEX Malicious
Avast FileRepMalware [Misc]
Kaspersky HEUR:Trojan.Win32.GuLoader.gen
TrendMicro Trojan.Win32.GULOADER.YXEHLZ
McAfeeD ti!8CF6A3D7E569
Trapmine suspicious.low.ml.score
Google Detected
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm HEUR:Trojan.Win32.GuLoader.gen
Varist W32/Trojan.KNSX-6595
McAfee Artemis!29E3DE6B17D0
DeepInstinct MALICIOUS
Ikarus Trojan.NSIS.Agent
Panda Trj/Chgt.AD
TrendMicro-HouseCall Trojan.Win32.GULOADER.YXEHLZ
huorong Trojan/Injector.bqy
Fortinet W32/CWE!tr
AVG FileRepMalware [Misc]
CrowdStrike win/malicious_confidence_90% (W)