Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 19, 2024, 2:09 p.m.	Aug. 19, 2024, 2:24 p.m.

Size	4.1MB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`2dc4f429bb5eab87e58f960d961591d8`
SHA256	`b812f0bdaef117619a6240c06b271d83bd202d17267e78fa999e61c5d4ab8e02`
CRC32	`F5D4B10A`
ssdeep	`98304:jzPCTqBhz0X01PAt5Ub41mnYpkFDCJ+7CFjBO:nPCi50X95U81qYWFDCJsCF1O`
PDB Path	jeetPack_industryexe.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

jeetPack_industryexe.pdb

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.sdata

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

None

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x003d8c00', u'virtual_address': u'0x00002000', u'entropy': 7.544756929866274, u'name': u'.text', u'virtual_size': u'0x003d8a84'}

entropy

7.54475692987

description

A section with a high entropy has been found

entropy

0.940095465394

description

Overall entropy of this PE file is high

File has been identified by 49 AntiVirus engines on VirusTotal as malicious (49 events)

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Injuke.16!c
Elastic	malicious (high confidence)
ALYac	Trojan.GenericKD.73855482
VIPRE	Trojan.GenericKD.73855482
Sangfor	Trojan.Msil.Kryptik.Vqok
K7AntiVirus	Trojan ( 005b6e851 )
BitDefender	Trojan.GenericKD.73855482
K7GW	Trojan ( 005b6e851 )
Cybereason	malicious.9bb5ea
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.ALTN
APEX	Malicious
Avast	Win32:MalwareX-gen [Trj]
ClamAV	Win.Packed.Malwarex-10033462-0
Kaspersky	HEUR:Trojan.MSIL.Injuke.gen
Alibaba	Trojan:MSIL/Remcos.ae2bdc2d
MicroWorld-eScan	Trojan.GenericKD.73855482
Rising	Malware.Obfus/MSIL@AI.98 (RDM.MSIL2:h9dxUT4oRuR9Job5t50+qQ)
Emsisoft	Trojan.GenericKD.73855482 (B)
F-Secure	Trojan.TR/AVI.Agent.mazjx
TrendMicro	Trojan.Win32.PRIVATELOADER.YXEHQZ
McAfeeD	ti!B812F0BDAEF1
FireEye	Trojan.GenericKD.73855482
Sophos	Mal/Generic-S
SentinelOne	Static AI - Malicious PE
Google	Detected
Avira	TR/AVI.Agent.mazjx
MAX	malware (ai score=87)
Antiy-AVL	Trojan/MSIL.Injuke
Kingsoft	MSIL.Trojan.Injuke.gen
Gridinsoft	Ransom.Win32.Wacatac.cl
Microsoft	Trojan:MSIL/Remcos.AAR!MTB
ZoneAlarm	HEUR:Trojan.MSIL.Injuke.gen
GData	Trojan.GenericKD.73855482
Varist	W32/ABRisk.DOCM-6909
AhnLab-V3	Trojan/Win.MalwareX-gen.C5659627
BitDefenderTheta	Gen:NN.ZemsilCO.36812.@tW@aG4zel
DeepInstinct	MALICIOUS
Ikarus	Trojan.MSIL.Crypt
Panda	Trj/Agent.CTG
TrendMicro-HouseCall	Trojan.Win32.PRIVATELOADER.YXEHQZ
Tencent	Msil.Trojan.Injuke.Gplw
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Kryptik.ALTN!tr
AVG	Win32:MalwareX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (D)
alibabacloud	Trojan:MSIL/Injuke.gyf

66bf6c17b76df_file.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All