Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	Aug. 30, 2024, 11:29 p.m.	Aug. 30, 2024, 11:30 p.m.

Size	11.5MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3b83989d2f86d143dbdbb20cf0608a1f`
SHA256	`6497a7b33252a782e523bebd2809712ea3b9faec34d901e0df92d3f6fb6abf83`
CRC32	`21AE969E`
ssdeep	`49152:gj1VMrpntvIdVLxxa9Kn2ZCNcFIoVIVF6P8M/o1rWNjB29VEc9Zi9Cgm+Ijhp6Q4:a1VMFiVLUK1Ao1W729fHiFo4GYTg`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer DllRegisterServer_Zero - execute regsvr32.exe anti_vm_detect - Possibly employs anti-virtualization techniques IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

6497a7b33252a782e523bebd2809712ea3b9faec34d901e0df92d3f6fb6abf83.exe "C:\Users\test22\AppData\Local\Temp\6497a7b33252a782e523bebd2809712ea3b9faec34d901e0df92d3f6fb6abf83.exe"
3004

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

section

.symtab

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Lumma.i!c
MicroWorld-eScan	Trojan.GenericKD.73961708
VIPRE	Trojan.GenericKD.73961708
BitDefender	Trojan.GenericKD.73961708
Arcabit	Trojan.Generic.D46890EC
VirIT	Trojan.Win32.Genus.WJG
ESET-NOD32	a variant of WinGo/TrojanDropper.Agent.EK
McAfee	Artemis!3B83989D2F86
Avast	Win32:Malware-gen
Kaspersky	Trojan-PSW.Win32.Lumma.bdd
Rising	Dropper.Agent!1.10205 (CLASSIC)
Emsisoft	Trojan.GenericKD.73961708 (B)
F-Secure	Trojan.TR/AVI.Agent.sgdeq
TrendMicro	TrojanSpy.Win32.LUMMASTEALER.YXEH3Z
McAfeeD	ti!6497A7B33252
Trapmine	malicious.moderate.ml.score
FireEye	Trojan.GenericKD.73961708
Jiangmin	Server-Proxy.Agent.a
Webroot	W32.Infostealer.Lumma
Google	Detected
Avira	TR/AVI.Agent.sgdeq
MAX	malware (ai score=84)
Kingsoft	Win32.Trojan-PSW.Lumma.bdd
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	Trojan-PSW.Win32.Lumma.bdd
GData	Trojan.GenericKD.73961708
Varist	W32/ABRisk.BCZZ-1047
AhnLab-V3	Infostealer/Win.LummaC2.C5661024
BitDefenderTheta	Gen:NN.ZexaF.36812.@F0@auyijZii
DeepInstinct	MALICIOUS
Ikarus	Malware.Win32.Antis
TrendMicro-HouseCall	TrojanSpy.Win32.LUMMASTEALER.YXEH3Z
Fortinet	W32/Agent.EK!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

6497a7b33252a782e523bebd2809712ea3b9faec34d901e0df92d3f6fb6abf83.exe