Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Oct. 17, 2024, 2:30 p.m.	Oct. 17, 2024, 2:30 p.m.

Size	470.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0bc532538aea8f63c70ed009d4290c73`
SHA256	`fc074a5ed883b127fe005d14e1e0b870a93318ed1840fd94e9771458a19a229e`
CRC32	`DFFA9F39`
ssdeep	`12288:Htmox/Sl5vkKtAXjsoZ8wHonsfZg464x:NmW6l5vkKtAD8wIKZJ`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader PE_Header_Zero - PE File Signature infoStealer_browser_b_Zero - browser info stealer Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.gfids

File has been identified by 61 AntiVirus engines on VirusTotal as malicious (50 out of 61 events)

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Remcos.4!c
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win32.Remcos.gh
ALYac	Generic.Remcos.2E7179B4
Cylance	Unsafe
VIPRE	Generic.Remcos.2E7179B4
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Generic.Remcos.2E7179B4
K7GW	Trojan ( 0053ac2c1 )
K7AntiVirus	Trojan ( 0053ac2c1 )
Arcabit	Generic.Remcos.2E7179B4
Baidu	Win32.Trojan.Kryptik.awm
VirIT	Trojan.Win32.Remcos.DMW
Symantec	ML.Attribute.HighConfidence
Elastic	Windows.Trojan.Remcos
ESET-NOD32	a variant of Win32/Rescoms.B
APEX	Malicious
Avast	Win32:RATX-gen [Trj]
ClamAV	Win.Trojan.Remcos-9841897-0
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Backdoor:Win32/Remcos.32ecb540
NANO-Antivirus	Trojan.Win32.Rescoms.jtnxow
SUPERAntiSpyware	Trojan.Agent/Gen-Crypt
MicroWorld-eScan	Generic.Remcos.2E7179B4
Rising	Backdoor.Remcos!1.BAC7 (CLASSIC)
Emsisoft	Generic.Remcos.2E7179B4 (B)
F-Secure	Backdoor.BDS/Backdoor.Gen
DrWeb	Trojan.MulDrop21.14404
Zillya	Trojan.Rescoms.Win32.1170
McAfeeD	Real Protect-LS!0BC532538AEA
CTX	exe.trojan.remcos
Sophos	Troj/Remcos-DI
Ikarus	Backdoor.Remcos
FireEye	Generic.mg.0bc532538aea8f63
Jiangmin	Trojan.Generic.hocna
Google	Detected
Avira	BDS/Backdoor.Gen
Antiy-AVL	Trojan[Backdoor]/Win32.Rescoms.b
Kingsoft	malware.kb.a.1000
Gridinsoft	Ransom.Win32.Wacatac.oa!s1
Microsoft	Trojan:Win32/Remcos!pz
ViRobot	Trojan.Win.Z.Rescoms.481792
ZoneAlarm	HEUR:Backdoor.Win32.Remcos.gen
GData	Win32.Malware.Bucaspys.B
Varist	W32/Agent.FLG.gen!Eldorado
AhnLab-V3	Trojan/Win.RemcosRAT.R534966
McAfee	Remcos-FDQO!0BC532538AEA
DeepInstinct	MALICIOUS

rundl.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All