Summary | ZeroBOX

54.exe

Generic Malware, Downloader, UPX, ftp, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6403_us
Started Aug. 30, 2024, 10:58 a.m.
Completed Aug. 30, 2024, 11:20 a.m.
Size 520.0KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 0b1d213e54d820dd3fefa386aa3e1f43
SHA256 0e7ff3739925d9952c557cd8c3454c181549953975cc6241e95a638c52c33dcd
CRC32 CD04FDC0
ssdeep 12288:vwEh/b02vun/UtniLxUD9HpxZamJNcXo/0:Yw/Q4u/euUDlPZamAXo/
PDB Path E:\BRONKZ BACKUP 16 02 2024\Loaders C# Bronkz Private Store\Revendedores Painel\Cybertins\Auth Plus\KeyAuth-CPP-Example-main\x64\Release\FivemUnbanBaimless.pdb
Yara
  • Network_Downloader - File Downloader
  • PE_Header_Zero - PE File Signature
  • ftp_command - ftp command
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Downloader.hh
ALYac Gen:Variant.Tedy.601499
VIPRE Gen:Variant.Tedy.601499
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan-Downloader ( 0058d8671 )
BitDefender Gen:Variant.Tedy.601499
K7GW Trojan-Downloader ( 0058d8671 )
Cybereason malicious.e54d82
Arcabit Trojan.Tedy.D92D9B
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/TrojanDownloader.Agent.NV
APEX Malicious
Avast Win64:DropperX-gen [Drp]
Alibaba TrojanDownloader:Win64/DropperX.3d4d9ba4
MicroWorld-eScan Gen:Variant.Tedy.601499
Rising Downloader.Agent!8.B23 (TFE:5:NK4kB3NEEfD)
Emsisoft Gen:Variant.Tedy.601499 (B)
F-Secure Heuristic.HEUR/AGEN.1315669
TrendMicro TROJ_GEN.R002C0DFA24
McAfeeD ti!0E7FF3739925
FireEye Gen:Variant.Tedy.601499
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
Google Detected
Avira HEUR/AGEN.1315669
MAX malware (ai score=84)
Microsoft Trojan:Win64/Tedy.GPBX!MTB
GData Gen:Variant.Tedy.601499
Varist W64/Agent.EBK.gen!Eldorado
AhnLab-V3 Trojan/Win.Generic.R642790
Acronis suspicious
DeepInstinct MALICIOUS
Malwarebytes Generic.Malware/Suspicious
Ikarus Trojan.Win64.Krypt
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002C0DFA24
huorong Backdoor/Agent.pv
MaxSecure Trojan.Malware.74409670.susgen
Fortinet W64/Agent.NV!tr
AVG Win64:DropperX-gen [Drp]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (D)