Summary | ZeroBOX

BitLockerToGo.exe

Generic Malware, Malicious Library, UPX, Malicious Packer, PE File, dll, OS Processor Check, PE32, DllRegisterServer
Category FILE
Machine s1_win7_x6401
Started Sept. 4, 2024, 10:04 a.m.
Completed Sept. 4, 2024, 10:34 a.m.
Size 13.7MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 0c349af12bacc3cda19ae8a9a4acb428
SHA256 653d40e0e9493f76c18b9852a30c7ed16106fb71854cb4f0f11953d2d7e8e43f
CRC32 DD17752B
ssdeep 98304:1TI3duijmKvoElRysAFxkI+dMGN6NwqEcizcn:cdTndMK
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • DllRegisterServer_Zero - execute regsvr32.exe
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .symtab
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
McAfee Artemis!0C349AF12BAC
VIPRE Gen:Variant.Lazy.591581
Sangfor Dropper.Win32.Lazy.Vio6
K7AntiVirus Trojan ( 005b9b1b1 )
BitDefender Gen:Variant.Lazy.591581
K7GW Trojan ( 005b9b1b1 )
Arcabit Trojan.Lazy.D906DD
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of WinGo/TrojanDropper.Agent.EK
Avast FileRepMalware [Misc]
Kaspersky Trojan-PSW.Win32.Lumma.bhx
Alibaba TrojanDropper:Win32/Antis.5166e8fe
MicroWorld-eScan Gen:Variant.Lazy.591581
Rising Dropper.Agent!1.10205 (CLASSIC)
Emsisoft Gen:Variant.Lazy.591581 (B)
F-Secure Trojan.TR/Redcap.eawoi
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEICZ
McAfeeD ti!653D40E0E949
Trapmine malicious.moderate.ml.score
FireEye Gen:Variant.Lazy.591581
Jiangmin Trojan.PSW.Lumma.bk
Google Detected
Avira TR/Redcap.eawoi
MAX malware (ai score=81)
Antiy-AVL Trojan/Win32.Agent
Kingsoft Win32.Trojan-PSW.Lumma.bhx
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm Trojan-PSW.Win32.Lumma.bhx
GData Gen:Variant.Lazy.591581
Varist W32/ABRisk.XCAE-8103
AhnLab-V3 Trojan/Win.Generic.C5663722
DeepInstinct MALICIOUS
VBA32 TrojanStealer.Win32.Lumma
Ikarus Malware.Win32.Antis
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEICZ
Fortinet W32/Agent.EK!tr
AVG FileRepMalware [Misc]
Paloalto generic.ml
alibabacloud Trojan[dropper]:Multi/Wacatac.B9nj