Summary | ZeroBOX

amd64.exe

Malicious Packer UPX Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 12, 2024, 9:33 a.m.
Completed Oct. 12, 2024, 9:40 a.m.
Size 5.6MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 35b5a66be6e3bcfbf109f19ceac7cbb1
SHA256 3a68cd7db885a8b3c3124386739fb31a6bf459bfa53cd0e63bf1e1bcf706496c
CRC32 57DCDEDD
ssdeep 49152:PcD3clMfhuSOE48I86Cb6g9Dl/eOvgCHGtYojz5E7ZZ9YrWHRHqfwYtzxgWF5Yjt:DMvb66/eOzN+E75MDgO+x
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.67.177.134 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .symtab
host 172.67.177.134

Antivirus

Vendor Detection
Lionic Trojan.Win32.Sdum.4!c
MicroWorld-eScan Gen:Variant.Cerbu.215888
ALYac Gen:Variant.Cerbu.215888
VIPRE Gen:Variant.Cerbu.215888
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Gen:Variant.Cerbu.215888
Arcabit Trojan.Cerbu.D34B50
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
Avast Win64:MalwareX-gen [Trj]
Kaspersky VHO:Trojan.Win32.Sdum.gen
Emsisoft Gen:Variant.Cerbu.215888 (B)
McAfeeD ti!3A68CD7DB885
CTX exe.trojan.cerbu
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Gen:Variant.Cerbu.215888
Webroot W32.Malware.Gen
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft Win32.Trojan.Sdum.gen
Gridinsoft Trojan.Win64.Agent.sa
Microsoft Trojan:Win32/Sabsik.FL.B!ml
GData Gen:Variant.Cerbu.215888
Google Detected
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.3762233124
Ikarus Win32.Outbreak
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R014H09JB24
huorong Trojan/ShellLoader.pr
MaxSecure Trojan.Malware.1728101.susgen
AVG Win64:MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud Trojan:Win/Sdum.gyf