Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Aug. 26, 2024, 9:27 a.m. | Aug. 26, 2024, 9:29 a.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. | | |
IP Address | Status | Action |
---|---|---|
62.113.117.95 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Section names reported by signature |
---|
" " (single space) |
.imports |
.themida |

High-entropy PE sections reported by signature:

Section | Virtual address | Virtual size | Raw data size | Entropy | Description |
---|---|---|---|---|---|
" " (single space) | 0x00002000 | 0x00012000 | 0x0000876a | 7.97 | A section with a high entropy has been found |
.rsrc | 0x00014000 | 0x0000a398 | 0x0000a400 | 7.18 | A section with a high entropy has been found |
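The entropy figures above are Shannon entropy in bits per byte, so a value near 8.0 means the section bytes are statistically indistinguishable from random (compressed or encrypted). The script below is an added example, not part of the sandbox report or of CAPE/Cuckoo's own signature code. It recomputes that measure over constructed byte strings and re-evaluates the section records from this report, adding two checks a practitioner usually wants alongside entropy: a blank or known-packer section name, and a virtual size far larger than the raw data size (room for the packer to unpack into). The threshold of 7.0 and the packer-name list are this example's assumptions, not the sandbox's values.

```python
import math
from collections import Counter

# Section records copied from the report above. The ".themida" and ".imports"
# entries carry only a name because the report gives no sizes for them.
REPORTED_SECTIONS = [
    {"name": " ", "virtual_address": 0x2000, "virtual_size": 0x12000,
     "size_of_data": 0x876A, "entropy": 7.9725599659340505},
    {"name": ".rsrc", "virtual_address": 0x14000, "virtual_size": 0xA398,
     "size_of_data": 0xA400, "entropy": 7.178108226554099},
    {"name": ".imports"},
    {"name": ".themida"},
]

# Assumptions for this example (not CAPE's signature parameters).
HIGH_ENTROPY_THRESHOLD = 7.0
KNOWN_PACKER_SECTIONS = {".themida", "upx0", "upx1", ".vmp0", ".vmp1"}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte, 0.0 (constant) to 8.0 (uniform).
    This is the statistic the sandbox reports per PE section."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def flag_sections(sections, threshold=HIGH_ENTROPY_THRESHOLD):
    """Return {section_name: [reasons]} for sections that look packed.
    Records may omit fields; a check is skipped when its input is missing."""
    findings = {}
    for sec in sections:
        name = sec.get("name", "")
        reasons = []
        ent = sec.get("entropy")
        if ent is not None and ent > threshold:
            reasons.append(f"entropy {ent:.2f} exceeds {threshold}")
        if name.strip() == "":
            reasons.append("blank or whitespace-only section name")
        if name.lower() in KNOWN_PACKER_SECTIONS:
            reasons.append(f"section name {name!r} is a known packer marker")
        raw, virt = sec.get("size_of_data"), sec.get("virtual_size")
        if raw and virt and virt > 2 * raw:
            # Packers reserve virtual space well beyond the stored bytes.
            reasons.append(f"virtual size 0x{virt:x} is more than twice raw size 0x{raw:x}")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    # Constructed inputs: a constant buffer and a perfectly uniform one.
    print("all-zero buffer :", shannon_entropy(b"\x00" * 1024))       # 0.0
    print("uniform buffer  :", shannon_entropy(bytes(range(256)) * 4))  # 8.0
    for name, why in flag_sections(REPORTED_SECTIONS).items():
        print(f"{name!r}: " + "; ".join(why))
```

Run against the report's records, the whitespace-named section is flagged on all three grounds, `.rsrc` only on entropy (resource sections holding compressed images or embedded payloads often score this high on their own), and `.themida` on its name alone.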
host | 62.113.117.95 |
Antivirus engine | Detection |
---|---|
Bkav | W32.AIDetectMalware |
Elastic | malicious (high confidence) |
Skyhigh | BehavesLike.Win32.Worm.vh |
Cylance | Unsafe |
Sangfor | Ransom.Win32.Save.a |
VirIT | Win95.Marburg |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
McAfee | Artemis!D0DD63B98BF3 |
Kaspersky | UDS:DangerousObject.Multi.Generic |
McAfeeD | Real Protect-LS!D0DD63B98BF3 |
Trapmine | malicious.high.ml.score |
FireEye | Generic.mg.d0dd63b98bf3d7e5 |
Sophos | Generic ML PUA (PUA) |
SentinelOne | Static AI - Malicious PE |
Detected | |
Kingsoft | malware.kb.a.1000 |
Gridinsoft | Trojan.Heur!.030100A1 |
Microsoft | Trojan:Win32/Sabsik.FL.A!ml |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
Varist | W32/Trojan.YJEH-0980 |
BitDefenderTheta | Gen:NN.ZexaF.36812.@x0@aK6s7ef |
DeepInstinct | MALICIOUS |
Malwarebytes | Generic.Malware.AI.DDS |
Ikarus | Trojan.Win32.Themida |
Zoner | Probably Heur.ExeHeaderL |
MaxSecure | Trojan.Malware.300983.susgen |
CrowdStrike | win/malicious_confidence_100% (W) |
Signature | Host:port (connection attempted, no reply) |
---|---|
dead_host | 192.168.56.101:49268 |
dead_host | 62.113.117.95:4449 |
dead_host | 192.168.56.103:22 |