Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Sept. 27, 2024, 1:33 p.m.	Sept. 27, 2024, 1:35 p.m.

Size	2.5MB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`bbea55c736e2eccfcbaf36bd4467c419`
SHA256	`7d7f580de5a46d90941ed4c7db9ac24e0117a957614324647d6c528b7d2f1833`
CRC32	`9C0F5D2E`
ssdeep	`49152:ftAectIwG0HVzQOhOXjJCEKEQIvufRoGp:fiG0VcOhOzJzLYoGp`
PDB Path	F:\10æ16æ¥å¤ä»½\åç§æºç \COD19ç§ææºç \TOPæºç \TOPåä»£çæ¬æºç +è¯´æ\æ§çæ¬ä»5.0-15.3\çæ¬å·ï¼2.4.7- COD19ç-ä¿®å¤èªçç - ä¿®å¤å¯è§ç\COD_TB\x64\Release\TOP_2.4.6.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

F:\10æ16æ¥å¤ä»½\åç§æºç \COD19ç§ææºç \TOPæºç \TOPåä»£çæ¬æºç +è¯´æ\æ§çæ¬ä»5.0-15.3\çæ¬å·ï¼2.4.7- COD19ç-ä¿®å¤èªçç - ä¿®å¤å¯è§ç\COD_TB\x64\Release\TOP_2.4.6.pdb

File has been identified by 45 AntiVirus engines on VirusTotal as malicious (45 events)

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.GameHack.4!c
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win64.Injector.vh
ALYac	Gen:Variant.Lazy.534854
Cylance	Unsafe
VIPRE	Gen:Variant.Lazy.534854
Sangfor	Trojan.Win32.Save.BlackMoon
CrowdStrike	win/malicious_confidence_90% (W)
BitDefender	Gen:Variant.Lazy.534854
K7GW	Trojan ( 0058ef5b1 )
K7AntiVirus	Trojan ( 0058ef5b1 )
Arcabit	Trojan.Lazy.D82946
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/HackTool.GameHack.Q
Avast	Win32:Malware-gen
ClamAV	Win.Dropper.Tiggre-9845940-0
Alibaba	HackTool:Win64/Krypt.f32aa432
MicroWorld-eScan	Gen:Variant.Lazy.534854
Rising	Malware.Undefined!8.C (TFE:5:QntIFX5CFiG)
Emsisoft	Gen:Variant.Lazy.534854 (B)
Zillya	Tool.GameHack.Win64.2168
McAfeeD	ti!7D7F580DE5A4
CTX	exe.hacktool.generic
SentinelOne	Static AI - Suspicious PE
FireEye	Generic.mg.bbea55c736e2eccf
Webroot	W32.Malware.Gen
Google	Detected
Antiy-AVL	Trojan/Win32.Blamon.a
Kingsoft	Win32.Troj.Unknown.a
Xcitium	Malware@#2pccg8fw2bm2o
GData	Gen:Variant.Lazy.534854
Varist	W64/GameHack.EW.gen!Eldorado
AhnLab-V3	Malware/Win.Generic.R663016
McAfee	Artemis!BBEA55C736E2
DeepInstinct	MALICIOUS
Malwarebytes	Generic.Malware.AI.DDS
Ikarus	Trojan.Win64.Krypt
TrendMicro-HouseCall	TROJ_GEN.R002H0DEN24
Yandex	Riskware.GameHack!wM1VKnG/OiI
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W64/GameHack.Q!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

3.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All