Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 21, 2024, 1:25 p.m.	Aug. 21, 2024, 1:46 p.m.

Size	23.1MB
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`9b3fcb53cc12bc68eb44db3e55ad4731`
SHA256	`bcad9c21500bf00e52eba9d790a68507d4027eb31a16d40ff41b99de11d7cd54`
CRC32	`CFEA89B9`
ssdeep	`98304:xHaC2FWf2YTdfiz/aBxnIL3jz9hds0NmYhfNE7L0TNyfo6QGqcC9:sM2cdfiEQ1hfe7oTcFQGqr9`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) DllRegisterServer_Zero - execute regsvr32.exe Microsoft_Office_File_Zero - Microsoft Office File Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

66bf6d1018bb1_deskman.exe "C:\Users\test22\AppData\Local\Temp\66bf6d1018bb1_deskman.exe"
2640

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.Agent.Y!c
Elastic	malicious (high confidence)
Skyhigh	Artemis
Cylance	Unsafe
Sangfor	Trojan.Win64.Agent.V6rq
K7AntiVirus	Trojan ( 005b96191 )
K7GW	Trojan ( 005b96191 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of WinGo/TrojanDropper.Agent.EB
McAfee	Artemis!9B3FCB53CC12
Avast	Win64:Malware-gen
Kaspersky	Trojan.MSIL.Agent.qwiuzr
Alibaba	Trojan:MSIL/GenKryptik.6d3366c9
F-Secure	Heuristic.HEUR/AGEN.1375355
TrendMicro	TrojanSpy.Win64.LUMMASTEALER.YXEHQZ
McAfeeD	ti!BCAD9C21500B
Sophos	Mal/Generic-S
Webroot	W32.Trojan.Gen
Google	Detected
Avira	HEUR/AGEN.1375355
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	Trojan:Win32/Acll
ZoneAlarm	Trojan.MSIL.Agent.qwiuzr
GData	Win64.Trojan.Agent.I5GZ4R
Varist	W64/Agent.IKW.gen!Eldorado
AhnLab-V3	Malware/Win.Malware-gen.R635432
DeepInstinct	MALICIOUS
Ikarus	Trojan-Dropper.WinGo.Agent
TrendMicro-HouseCall	TrojanSpy.Win64.LUMMASTEALER.YXEHQZ
Tencent	Malware.Win32.Gencirc.1416aafd
huorong	HEUR:Trojan/Injector.av
MaxSecure	Trojan.Malware.275513989.susgen
Fortinet	W64/Agent.VY!tr
AVG	Win64:Malware-gen
Paloalto	generic.ml
alibabacloud	Trojan:Win/Wacatac.B9nj

66bf6d1018bb1_deskman.exe