Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Aug. 30, 2024, 10:57 a.m.	Aug. 30, 2024, 11:16 a.m.

Size	140.0KB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`cb466c26bb103105b293f2c6c9eecac8`
SHA256	`606200a953202e91ac07723eb0083a98d8c9a6a20a8d21696127267bfabaad3d`
CRC32	`F89547E4`
ssdeep	`3072:InIIk+R5LhO6wM6IZ6HyLy9rdmJTQSaMm5/6aYS8ox:InbkC5LE6NLKqWlL8U`
PDB Path	C:\Users\korek\Desktop\etherly public\subzero\build\kdmapper-master\x64\Release\kdmapper_Release.pdb
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\Users\korek\Desktop\etherly public\subzero\build\kdmapper-master\x64\Release\kdmapper_Release.pdb

File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)

Bkav	W64.AIDetectMalware
Lionic	Hacktool.Win32.GameHack.3!c
Elastic	malicious (high confidence)
Skyhigh	BehavesLike.Win64.Backdoor.ch
ALYac	Gen:Variant.Tedy.507246
Cylance	Unsafe
VIPRE	Gen:Variant.Tedy.507246
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0058ef681 )
BitDefender	Gen:Variant.Tedy.507246
K7GW	Riskware ( abcd70071 )
Cybereason	malicious.6bb103
Arcabit	Trojan.Tedy.D7BD6E
VirIT	HackTool.Win64.Genus.CHJA
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win64/HackTool.GameHack.Q
APEX	Malicious
McAfee	Artemis!CB466C26BB10
Avast	Win64:HacktoolX-gen [Trj]
ClamAV	Win.Tool.Zusy-10033075-0
Kaspersky	HEUR:HackTool.Win32.DriverLoader.gen
Alibaba	HackTool:Win32/DriverLoader.18154aeb
MicroWorld-eScan	Gen:Variant.Tedy.507246
Rising	HackTool.GameHack!8.59E (CLOUD)
Emsisoft	Gen:Variant.Tedy.507246 (B)
Zillya	Tool.GameHack.Win64.1813
TrendMicro	TROJ_FRS.VSNTBO24
McAfeeD	ti!606200A95320
FireEye	Gen:Variant.Tedy.507246
Sophos	ATK/Kdmapper-A
SentinelOne	Static AI - Malicious PE
Jiangmin	HackTool.DriverLoader.fk
Webroot	W32.HackTool.Gen
Google	Detected
MAX	malware (ai score=100)
Kingsoft	Win32.HackTool.DriverLoader.gen
Xcitium	Malware@#2lramrd9o0bua
Microsoft	Trojan:Win32/Casdet!rfn
ZoneAlarm	HEUR:HackTool.Win32.DriverLoader.gen
GData	Gen:Variant.Tedy.507246
AhnLab-V3	Trojan/Win.Generic.R623832
DeepInstinct	MALICIOUS
Malwarebytes	Generic.Malware.AI.DDS
Ikarus	Trojan.Win64.Krypt
TrendMicro-HouseCall	TROJ_FRS.VSNTBO24
Tencent	Malware.Win32.Gencirc.11c5b318
Yandex	Riskware.GameHack!R2xgHXtVjk0
huorong	Trojan/Generic!DA11520A00EDB00F
MaxSecure	Trojan.Malware.202002184.susgen
Fortinet	W64/GameHack.Q!tr

mapp.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All