Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 27, 2024, 1:32 p.m.	Sept. 27, 2024, 1:34 p.m.

Size	2.5MB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`3f766be1002f79cef2a8b0656f18ecb9`
SHA256	`538657e0e69a3e37da94646672537f3c7764a81d0b0896c7305f06f799245d92`
CRC32	`97B62C91`
ssdeep	`49152:sevcjewG0HVzQOhOXjJCEKEQIvufRoGpfPACp:sdG0VcOhOzJzLYoGpfP5`
PDB Path	F:\10æ16æ¥å¤ä»½\åç§æºç \COD19ç§ææºç \TOPæºç \TOPåä»£çæ¬æºç +è¯´æ\æ§çæ¬ä»5.0-15.3\çæ¬å·ï¼2.4.7- COD19ç-ä¿®å¤èªçç - ä¿®å¤å¯è§ç\COD_TB\x64\Release\TOP_2.4.6.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

F:\10æ16æ¥å¤ä»½\åç§æºç \COD19ç§ææºç \TOPæºç \TOPåä»£çæ¬æºç +è¯´æ\æ§çæ¬ä»5.0-15.3\çæ¬å·ï¼2.4.7- COD19ç-ä¿®å¤èªçç - ä¿®å¤å¯è§ç\COD_TB\x64\Release\TOP_2.4.6.pdb

File has been identified by 45 AntiVirus engines on VirusTotal as malicious (45 events)

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.GameHack.4!c
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win64.Injector.vh
ALYac	Gen:Variant.Lazy.534854
Cylance	Unsafe
VIPRE	Gen:Variant.Lazy.534854
Sangfor	Trojan.Win32.Save.BlackMoon
CrowdStrike	win/malicious_confidence_90% (W)
BitDefender	Gen:Variant.Lazy.534854
K7GW	Trojan ( 0058ef5b1 )
K7AntiVirus	Trojan ( 0058ef5b1 )
Arcabit	Trojan.Lazy.D82946
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/HackTool.GameHack.Q
Avast	Win32:Malware-gen
ClamAV	Win.Dropper.Tiggre-9845940-0
Alibaba	HackTool:Win64/Krypt.f32aa432
MicroWorld-eScan	Gen:Variant.Lazy.534854
Rising	Malware.Undefined!8.C (TFE:5:QntIFX5CFiG)
Emsisoft	Gen:Variant.Lazy.534854 (B)
Zillya	Tool.GameHack.Win64.2135
McAfeeD	ti!538657E0E69A
CTX	exe.trojan.generic
SentinelOne	Static AI - Suspicious PE
FireEye	Generic.mg.3f766be1002f79ce
Webroot	W32.Malware.Gen
Google	Detected
Antiy-AVL	Trojan/Win32.Blamon.a
Kingsoft	Win32.Troj.Unknown.a
Gridinsoft	Trojan.Win64.CoinMiner.sa
Xcitium	Malware@#24lfgohzz5hbf
GData	Gen:Variant.Lazy.534854
Varist	W64/GameHack.EW.gen!Eldorado
AhnLab-V3	Malware/Win.Generic.R663016
McAfee	Artemis!3F766BE1002F
DeepInstinct	MALICIOUS
Malwarebytes	Generic.Malware.AI.DDS
Ikarus	Trojan.Win64.Krypt
TrendMicro-HouseCall	TROJ_GEN.R002H0DEN24
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W64/GameHack.Q!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

2.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All