Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 2, 2024, 10:11 a.m.	Sept. 2, 2024, 10:33 a.m.

Size	14.1MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ef210f3d8e05ecafd8d41a98b5806218`
SHA256	`afa3196b3c2d0cc7bc921d98d60409d043f7c93cb760c30dbd691a20fa4b1e71`
CRC32	`DAF2CE05`
ssdeep	`98304:YrVuOrsnJc5nIsvSutn0RejfWlvmSN1BM9lu9vQ1MeLYVqita:NZU0RplJeLet`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

66d1b7f7f3765_Front.exe "C:\Users\test22\AppData\Local\Temp\66d1b7f7f3765_Front.exe"
2560

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

section

.symtab

name

RT_VERSION

language

LANG_CHINESE

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x00e4ae50

size

0x0000036c

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.WinGo.4!c
Elastic	malicious (moderate confidence)
Skyhigh	BehavesLike.Win32.Generic.vm
Cylance	Unsafe
Sangfor	Dropper.Win32.Wingo.Vsb4
K7GW	Trojan ( 005b9b1b1 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of WinGo/TrojanDropper.Agent.EK
McAfee	Artemis!EF210F3D8E05
Avast	Win32:Evo-gen [Trj]
Kaspersky	Trojan-PSW.Win32.Lumma.beg
Alibaba	TrojanDropper:Win32/WinGo.495c7291
Rising	Dropper.Agent!1.10205 (CLASSIC)
McAfeeD	ti!AFA3196B3C2D
Trapmine	malicious.moderate.ml.score
Ikarus	Trojan-Spy.WinGo.Agent
Jiangmin	Server-Proxy.Agent.a
Webroot	W32.Infostealer.Gen
Google	Detected
Avira	TR/Redcap.digur
Kingsoft	Win32.Troj.Unknown.a
Microsoft	Trojan:Win32/Casdet!rfn
ZoneAlarm	Trojan-PSW.Win32.Lumma.beg
GData	Win32.Trojan.Agent.R55IEH
AhnLab-V3	Infostealer/Win.LummaC2.C5661024
BitDefenderTheta	Gen:NN.ZexaF.36812.@F0@aqw!9bnj
DeepInstinct	MALICIOUS
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TrojanSpy.Win32.LUMMASTEALER.YXEH4Z
Fortinet	W32/Agent.EK!tr
AVG	Win32:Evo-gen [Trj]
Paloalto	generic.ml
alibabacloud	Trojan[dropper]:Multi/Agent.EH

66d1b7f7f3765_Front.exe