8.11.9-Windows.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | Sept. 17, 2024, 1:29 p.m. | Sept. 17, 2024, 2:17 p.m. |
-
8.11.9-Windows.exe "C:\Users\test22\AppData\Local\Temp\8.11.9-Windows.exe"
2632
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | .symtab |
| section | {u'size_of_data': u'0x00093e00', u'virtual_address': u'0x00ca9000', u'entropy': 7.99698983624631, u'name': u'/19', u'virtual_size': u'0x00093c6b'} | entropy | 7.99698983625 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x0001ac00', u'virtual_address': u'0x00d3d000', u'entropy': 7.980773060165261, u'name': u'/32', u'virtual_size': u'0x0001aac2'} | entropy | 7.98077306017 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00118c00', u'virtual_address': u'0x00d59000', u'entropy': 7.9978687118070795, u'name': u'/65', u'virtual_size': u'0x00118ac2'} | entropy | 7.99786871181 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x000bee00', u'virtual_address': u'0x00e72000', u'entropy': 7.995194165369884, u'name': u'/78', u'virtual_size': u'0x000becaa'} | entropy | 7.99519416537 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00035c00', u'virtual_address': u'0x00f31000', u'entropy': 7.938512432689286, u'name': u'/90', u'virtual_size': u'0x00035ab3'} | entropy | 7.93851243269 | description | A section with a high entropy has been found | |||||||||
| Bkav | W32.Common.C5338E52 |
| Lionic | Trojan.Win32.Generic.4!c |
| CTX | exe.trojan.generic |
| CAT-QuickHeal | Trojan.Agent |
| Skyhigh | Artemis |
| Cylance | Unsafe |
| Sangfor | Infostealer.Win32.Agent.V3q2 |
| CrowdStrike | win/malicious_confidence_60% (D) |
| Alibaba | TrojanPSW:Win32/Generic.c67f9407 |
| K7GW | Trojan ( 005b9ebb1 ) |
| K7AntiVirus | Trojan ( 005b9ebb1 ) |
| VirIT | Trojan.Win32.Genus.WKG |
| Symantec | ML.Attribute.HighConfidence |
| Elastic | malicious (moderate confidence) |
| ESET-NOD32 | a variant of WinGo/PSW.Agent.HE |
| APEX | Malicious |
| Paloalto | generic.ml |
| Cynet | Malicious (score: 99) |
| F-Secure | Trojan.TR/AVI.Agent.ytrwh |
| TrendMicro | Trojan.Win32.AMADEY.YXEH1Z |
| McAfeeD | ti!35005932465C |
| Trapmine | malicious.moderate.ml.score |
| Sophos | Mal/Generic-S |
| Ikarus | Trojan.WinGo.Agent |
| Jiangmin | Trojan.PE.gm |
| Detected | |
| Avira | TR/AVI.Agent.ytrwh |
| Antiy-AVL | Trojan[PSW]/Win32.Agent |
| Microsoft | Trojan:Win32/Phonzy.A!ml |
| GData | Win32.Trojan.Agent.OAH2Q1 |
| Varist | W32/ABTrojan.KIRA-1858 |
| AhnLab-V3 | Malware/Win.Generic.C5663783 |
| DeepInstinct | MALICIOUS |
| Malwarebytes | Malware.AI.1015433274 |
| TrendMicro-HouseCall | Trojan.Win32.AMADEY.YXEH1Z |
| Tencent | Win32.Trojan.Avi.Ddhl |
| Fortinet | W32/Agent.HE!tr.pws |
| Panda | Trj/Chgt.AD |
| alibabacloud | RiskWare:Multi/AVI.Akgpp |