Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 17, 2024, 1:17 p.m.	Sept. 17, 2024, 2:08 p.m.

Size	10.0MB
Type	PE32+ executable (native) x86-64, for MS Windows
MD5	`625b58da00616f4d48b7730f6bce9261`
SHA256	`81c350c983acd9479c3de948a1886463e546e5ad61ec925caf84c3a0f8bdbfad`
CRC32	`42F9BD06`
ssdeep	`196608:tJWE0idHo97H8DzLEXvLk0iZLNbvikG+xnEvM5gNfTwr1w8wMcwDYpS8AkE4BlW5:tJIiOtcDU7oZvxLxL5gNftwTpaY`
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

section

{u'size_of_data': u'0x00a06600', u'virtual_address': u'0x09dae000', u'entropy': 7.913754666566001, u'name': u'a2', u'virtual_size': u'0x00a06510'}

entropy

7.91375466657

description

A section with a high entropy has been found

entropy

0.999805210616

description

Overall entropy of this PE file is high

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Sangfor	PUP.Win32.Agent.V892
CrowdStrike	win/malicious_confidence_70% (D)
BitDefender	Trojan.GenericKD.74138511
Arcabit	Trojan.Generic.D46B438F
Elastic	malicious (high confidence)
APEX	Malicious
MicroWorld-eScan	Trojan.GenericKD.74138511
Rising	Trojan.MalCert!1.BD30 (CLASSIC)
Emsisoft	Trojan.GenericKD.74138511 (B)
McAfeeD	ti!81C350C983AC
Trapmine	malicious.moderate.ml.score
CTX	sys.trojan.creprote
Sophos	Compromised Shenzhen Yundian CodeSigningCert (PUA)
FireEye	Generic.mg.625b58da00616f4d
Webroot	W32.Trojan.Gen
Google	Detected
Antiy-AVL	GrayWare/Win32.Creprote
Gridinsoft	Trojan.Heur!.01210023
Microsoft	PUA:Win32/Creprote
GData	Trojan.GenericKD.74138511
Varist	W64/ABTrojan.LGEW-8333
McAfee	Artemis!625B58DA0061
DeepInstinct	MALICIOUS
Malwarebytes	PUP.Optional.ChinAd
Ikarus	Trojan.Win64.Vmprotect
Paloalto	generic.ml

test.exe