Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6403_us | Sept. 17, 2024, 1:15 p.m. | Sept. 17, 2024, 1:18 p.m. |
Name | Response | Post-Analysis Lookup |
---|---|---|
No hosts contacted. |
IP Address | Status | Action |
---|---|---|
No hosts contacted. |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
type | value |
---|---|
section | CODE |
section | DATA |
section | BSS |
section | .aspack |
section | .adata |
packer | ASPack v2.12 -> Alexey Solodovnikov |
name | language | filetype | sublanguage | offset | size |
---|---|---|---|---|---|
RT_BITMAP | LANG_CHINESE | empty | SUBLANG_CHINESE_SIMPLIFIED | 0x001ee1a8 | 0x00000268 |
type | path |
---|---|
file | C:\Users\test22\360Downloads\Pester.bat |
file | C:\Users\test22\AppData\Local\Temp\me.exe |
section | virtual_address | virtual_size | size_of_data | entropy | description |
---|---|---|---|---|---|
CODE | 0x00001000 | 0x001aa000 | 0x00097600 | 7.99964240941 | A section with a high entropy has been found |
DATA | 0x001ab000 | 0x00008000 | 0x00003800 | 7.97134779967 | A section with a high entropy has been found |
.idata | 0x001b7000 | 0x00004000 | 0x00001200 | 7.89962580253 | A section with a high entropy has been found |
.rsrc | 0x001da000 | 0x0006a000 | 0x0000ea00 | 7.46597458991 | A section with a high entropy has been found |
(overall) | | | | 0.967399007796 | Overall entropy of this PE file is high |
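The entropy figures above are produced by a sandbox signature, and the two scales differ: the per-section values are Shannon entropy in bits per byte (0 to 8), while the overall value is on a 0 to 1 scale. The following Python is an added example, not code from the sandbox or from the report, that reproduces that kind of triage on constructed section data. It assumes a 6.8 bits-per-byte threshold for "high entropy" and defines the overall figure as the fraction of section bytes that sit in high-entropy sections, which is how I understand the Cuckoo community packer_entropy signature to work; both are assumptions. The sample sections are constructed inline and are not bytes from the analysed file.

```python
"""Section-entropy triage in the style of a sandbox packer/entropy signature.

Added example, not the sandbox's or the report's own code. Assumptions:
  - Shannon entropy in bits per byte (0..8) over each section's raw data.
  - A section is "high entropy" above 6.8 bits/byte (assumed threshold).
  - The "overall" figure is bytes in flagged sections / bytes in all
    sections, i.e. a 0..1 ratio rather than an entropy (assumed definition).
"""
import hashlib
import math
from dataclasses import dataclass


@dataclass
class Section:
    name: str
    data: bytes


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    total = len(data)
    return -sum((c / total) * math.log2(c / total) for c in counts if c)


HIGH_ENTROPY_THRESHOLD = 6.8  # assumption, see module docstring


def triage_sections(sections, threshold=HIGH_ENTROPY_THRESHOLD):
    """Return (findings, overall_ratio).

    findings: list of (section name, entropy, flagged) in input order.
    overall_ratio: bytes in flagged sections / bytes in all sections.
    """
    findings = []
    flagged_bytes = 0
    total_bytes = 0
    for s in sections:
        e = shannon_entropy(s.data)
        flagged = e > threshold
        findings.append((s.name, e, flagged))
        total_bytes += len(s.data)
        if flagged:
            flagged_bytes += len(s.data)
    ratio = flagged_bytes / total_bytes if total_bytes else 0.0
    return findings, ratio


def pseudo_random_bytes(n: int, seed: bytes = b"entropy-demo") -> bytes:
    """Deterministic high-entropy filler (SHA-256 in counter mode).

    Stands in for packed/compressed section contents; constructed data,
    not bytes taken from the sample in the report.
    """
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:n])


# Constructed sections mimicking the layout in the report: packed CODE and
# DATA sections (close to 8 bits/byte), a zero-filled BSS-like section, and
# a short repetitive stub standing in for the packer's own section.
SAMPLE_SECTIONS = [
    Section("CODE", pseudo_random_bytes(0x9000)),
    Section("DATA", pseudo_random_bytes(0x800)),
    Section("BSS", b"\x00" * 0x1000),
    Section(".aspack", bytes([0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF0]) * 128),
]


def demo():
    """Print a report-style summary and return the raw results."""
    findings, ratio = triage_sections(SAMPLE_SECTIONS)
    for name, e, flagged in findings:
        mark = "HIGH" if flagged else "    "
        print(f"{mark} {name:<8} entropy={e:.4f}")
    print(f"overall: {ratio:.3f} of section bytes are in high-entropy sections")
    return findings, ratio


if __name__ == "__main__":
    demo()
```

On a real PE the same logic runs over `pefile.PE(path).sections`, using each section's `get_data()` (or its built-in `get_entropy()`). High entropy on its own only says that data is compressed or encrypted, not that it is malicious; resource sections carrying compressed images and legitimately ASPack-protected software trip the same signature. What makes the figures here worth acting on is the combination: the `.aspack`/`.adata` section names, the ASPack packer identification, and a CODE section whose on-disk size (0x00097600) is far smaller than its virtual size (0x001aa000), which is the signature of a stub that unpacks the real code into that section at run time. The unpacked image, not the file on disk, is what to analyse.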
cmdline | ping -n 4 127.0.0.1 |
vendor | result |
---|---|
Bkav | W32.AIDetectMalware |
Lionic | Trojan.Win32.Znyonm.4!c |
ALYac | Trojan.GenericKD.74127287 |
VIPRE | Trojan.GenericKD.74127287 |
Sangfor | Trojan.Win32.Znyonm.Vjhb |
BitDefender | Trojan.GenericKD.74127287 |
Arcabit | Trojan.Generic.D46B17B7 |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (moderate confidence) |
Avast | Win32:Malware-gen |
Kaspersky | UDS:DangerousObject.Multi.Generic |
MicroWorld-eScan | Trojan.GenericKD.74127287 |
Rising | Trojan.Znyonm!8.18A3A (LESS:bWQ1Ot/f3Uo17GC1) |
Emsisoft | Trojan.GenericKD.74127287 (B) |
DrWeb | Trojan.MulDrop28.20947 |
McAfeeD | ti!D52A633FEE08 |
CTX | exe.trojan.znyonm |
Sophos | Mal/Generic-S |
FireEye | Trojan.GenericKD.74127287 |
Antiy-AVL | Trojan/Win32.Znyonm |
Microsoft | Trojan:Win32/Znyonm |
ZoneAlarm | UDS:DangerousObject.Multi.Generic |
GData | Trojan.GenericKD.74127287 |
Varist | W32/ABTrojan.QVJQ-5606 |
McAfee | Artemis!B691FC64D375 |
DeepInstinct | MALICIOUS |
Malwarebytes | Generic.Malware/Suspicious |
Panda | Trj/Chgt.AD |
MaxSecure | Trojan.Malware.300983.susgen |
Fortinet | W32/PossibleThreat |
AVG | Win32:Malware-gen |
Paloalto | generic.ml |