Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 2, 2024, 9:52 a.m.	Sept. 2, 2024, 9:54 a.m.

Size	18.1MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b7aa705ae0273c87a7af8c79f47247d2`
SHA256	`01db4e69578d9b424087b90550463a1a1ce88e36f77050fc443d3b6b50b85b23`
CRC32	`66609EA0`
ssdeep	`98304:FR+Yc7N8PztpYLPMQQ2WdqQUeDrUw3oCKB8vxFCJYpRB58C1e2gOsGlVeTXUTzv3:HqKYzfQtvoC1zAQVZpOFK/dq+7oEB`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

section

.symtab

Skyhigh	Artemis
K7AntiVirus	Trojan ( 005b9b1b1 )
K7GW	Trojan ( 005b9b1b1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of WinGo/TrojanDropper.Agent.EK
McAfee	Artemis!B7AA705AE027
Avast	Win32:Evo-gen [Trj]
Kaspersky	Trojan-PSW.MSIL.Reline.xlj
Alibaba	TrojanDropper:Win32/Generic.a79db9af
Rising	Dropper.Agent!1.10205 (CLASSIC)
F-Secure	Trojan.TR/Redcap.wqkqs
TrendMicro	TrojanSpy.Win32.LUMMASTEALER.YXEIAZ
McAfeeD	ti!01DB4E69578D
Sophos	Mal/Generic-S
Google	Detected
Avira	TR/Redcap.wqkqs
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	Trojan-PSW.MSIL.Reline.xlj
GData	MSIL.Trojan-Stealer.Redline.984S8G
Varist	W32/ABRisk.EWNE-3381
AhnLab-V3	Infostealer/Win.LummaC2.C5661024
DeepInstinct	MALICIOUS
Ikarus	Trojan-PWS.Win32.Zbot
TrendMicro-HouseCall	TrojanSpy.Win32.LUMMASTEALER.YXEIAZ
Fortinet	W32/Agent.EK!tr
AVG	Win32:Evo-gen [Trj]
alibabacloud	Trojan[dropper]:Multi/Agent.EH

Authenticator.exe