Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Oct. 21, 2024, 1:37 p.m.	Oct. 21, 2024, 1:50 p.m.

Size	16.8MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8b938c2fc147c133573ba0f73dea242f`
SHA256	`92694fdb2bc371a82770953dc4f5581e28fe6055fcf5807429295e1e992a8dc5`
CRC32	`8BDF895E`
ssdeep	`98304:rXrZ9ldBJCKnuu313+Orn0P8dBZ6+XymX6AZTBQ6ejG09w:RxucrwP80+1TBQljG09`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer DllRegisterServer_Zero - execute regsvr32.exe anti_vm_detect - Possibly employs anti-virtualization techniques IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

section

.symtab

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.WinGo.4!c
Skyhigh	Artemis
Sangfor	Trojan.Win32.Agent.Vw0j
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of WinGo/TrojanDropper.Agent.EK
Avast	Win32:Evo-gen [Trj]
Kaspersky	UDS:Trojan-PSW.Win32.Lumma.dbp
F-Secure	Trojan.TR/Redcap.uquob
TrendMicro	TrojanSpy.Win32.LUMMASTEALER.YXEJPZ
McAfeeD	ti!92694FDB2BC3
Trapmine	suspicious.low.ml.score
CTX	exe.trojan.wingo
Sophos	Troj/Inject-JQY
SentinelOne	Static AI - Suspicious PE
Google	Detected
Avira	TR/Redcap.uquob
Antiy-AVL	GrayWare/Win32.Puwaders
Microsoft	Trojan:Win32/Wacatac.B!ml
Varist	W32/ABRisk.XJNR-8840
AhnLab-V3	Infostealer/Win.LummaC2.C5661468
McAfee	Artemis!8B938C2FC147
DeepInstinct	MALICIOUS
Malwarebytes	PUP.Optional.OneSafePCCleaner
Ikarus	Trojan-Dropper.WinGo.Agent
TrendMicro-HouseCall	TrojanSpy.Win32.LUMMASTEALER.YXEJPZ
huorong	Trojan/Injector.bxj
Fortinet	W32/Agent.EK!tr
AVG	Win32:Evo-gen [Trj]
Paloalto	generic.ml
alibabacloud	Trojan[dropper]:Multi/Puwaders.C9nj

6_Setup.exe