Summary | ZeroBOX

0703_uac_doc.exe

Generic Malware, Malicious Library, UPX, Malicious Packer, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6401
Started Sept. 30, 2024, 11:14 a.m.
Completed Sept. 30, 2024, 11:46 a.m.
Size 1.8MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 18ad834f5a8779d88d5db1ee291ddb26
SHA256 45b6a1a61dc109144cf44111b6733d3fa5024aa7952815ae8742ba2f81e874ea
CRC32 2E038873
ssdeep 24576:P80asHo2BEYHMRZheuTa7LEeSIMdvcszE7CW:EpsHo/uuTaHEeSIav3
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .gfids
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Rozena.4!c
Cynet Malicious (score: 99)
ALYac Trojan.GenericKD.73396827
Cylance Unsafe
BitDefender Trojan.GenericKD.73396827
K7GW Trojan ( 005963661 )
K7AntiVirus Trojan ( 005963661 )
Arcabit Trojan.Generic.D45FF25B
VirIT Trojan.Win64.Agent.GZB
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Rozena.SC
Avast Win64:Malware-gen
Kaspersky Trojan.Win64.Agentb.kyyr
Alibaba Trojan:Win64/Rozena.cc5bce36
MicroWorld-eScan Trojan.GenericKD.73396827
Emsisoft Trojan.GenericKD.73396827 (B)
F-Secure Trojan.TR/Rozena.uvbww
VIPRE Trojan.GenericKD.73396827
TrendMicro Backdoor.Win64.SWRORT.YXEGIZ
McAfeeD ti!45B6A1A61DC1
CTX exe.trojan.rozena
Sophos Mal/Generic-S
FireEye Trojan.GenericKD.73396827
Webroot W32.Trojan.Gen
Google Detected
Avira TR/Rozena.uvbww
Antiy-AVL Trojan/Win64.Agentb
Kingsoft Win64.Trojan.Agentb.a
Gridinsoft Malware.Win64.Rozena.cl
Xcitium Malware@#f88h7b8i3lj3
Microsoft Trojan:Win64/Cobaltstrike.HL!MTB
ZoneAlarm Trojan.Win64.Agentb.kyyr
GData Trojan.GenericKD.73396827
Varist W64/ABTrojan.BOEA-6259
AhnLab-V3 Trojan/Win.CobaltStrike.C5648436
VBA32 Backdoor.CobaltStrike
DeepInstinct MALICIOUS
Malwarebytes Neshta.Virus.FileInfector.DDS
Ikarus Trojan.Win64.Rozena
Panda Trj/GdSda.A
TrendMicro-HouseCall Backdoor.Win64.SWRORT.YXEGIZ
Tencent Malware.Win32.Gencirc.11c43413
huorong Trojan/Generic!321EDD7C283880A2
MaxSecure Trojan.Malware.114192910.susgen
Fortinet W64/Rozena.SC!tr
AVG Win64:Malware-gen
Paloalto generic.ml
alibabacloud Trojan:Win/Rozena.SW