Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 30, 2024, 6:07 p.m.	Aug. 30, 2024, 6:13 p.m.

Size	2.6MB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`f277e1eea63502240b9c2183248fdfca`
SHA256	`27abe6f4dc371d7e7008dc5c4b079d85f6e2c5b583b2fd831674186e92d583fd`
CRC32	`E2808211`
ssdeep	`49152:kwgIVz/f/pxyOF+wTSZ1ItH7oTcCYnENFvBZe2tYLv:jHp+wuYsfUv`
PDB Path	C:\Users\123\source\repos\vvware_v3\x64\Release\vvware_v3.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature ftp_command - ftp command Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

pdb_path

C:\Users\123\source\repos\vvware_v3\x64\Release\vvware_v3.pdb

section

_RDATA

section

{u'size_of_data': u'0x000b8200', u'virtual_address': u'0x001dd000', u'entropy': 7.758655090581133, u'name': u'.data', u'virtual_size': u'0x000ba8fc'}

entropy

7.75865509058

description

A section with a high entropy has been found

entropy

0.272676786375

description

Overall entropy of this PE file is high

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win64.Dropper.vc
Cylance	Unsafe
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
ClamAV	Win.Malware.Khalesi-9946850-0
McAfeeD	ti!27ABE6F4DC37
Trapmine	malicious.moderate.ml.score
SentinelOne	Static AI - Malicious PE
Google	Detected
Microsoft	Program:Win32/Wacapew.C!ml
DeepInstinct	MALICIOUS
Malwarebytes	Malware.AI.126759605
Ikarus	Trojan.Win64.Krypt
MaxSecure	Trojan.Malware.300983.susgen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (D)

vvware_v3.exe