Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Oct. 21, 2024, 5:02 p.m.	Oct. 21, 2024, 5:04 p.m.

Size	135.5KB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`cd415bfdf24a89a41789a86b67d07bea`
SHA256	`45223efdb6920807e0a7e2e28f6b917a4a135066322df39d0af69b1a5901b49d`
CRC32	`347A83AB`
ssdeep	`3072:IQAfbv8/t/cS0Dfrkao9rUmJTQSaMm5/6fCpSi:Iq5cS0ITWlnpSi`
PDB Path	C:\Users\andre\Desktop\kdmapper-master\x64\Release\kdmapper.pdb
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\Users\andre\Desktop\kdmapper-master\x64\Release\kdmapper.pdb

File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)

Bkav	W64.AIDetectMalware
Lionic	Hacktool.Win32.GameHack.3!c
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win64.Backdoor.ch
ALYac	Gen:Variant.Application.Tedy.197228
Cylance	Unsafe
VIPRE	Gen:Variant.Application.Tedy.197228
Sangfor	Hacktool.Win32.Gamehack.Vpgw
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Gen:Variant.Application.Tedy.197228
Arcabit	Trojan.Application.Tedy.D3026C
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/HackTool.GameHack.Q
Avast	Win64:Evo-gen [Trj]
ClamAV	Win.Malware.Genkryptik-10034801-0
Kaspersky	HEUR:HackTool.Win32.DriverLoader.gen
Alibaba	HackTool:Win64/Krypt.95fcce35
MicroWorld-eScan	Gen:Variant.Application.Tedy.197228
Rising	Hacktool.GameHack!8.59E (CLOUD)
Emsisoft	Gen:Variant.Application.Tedy.197228 (B)
F-Secure	Trojan.TR/Hacktool.cgnuo
Zillya	Tool.GameHack.Win64.304
McAfeeD	ti!45223EFDB692
CTX	exe.hacktool.generic
Sophos	ATK/Kdmapper-A
SentinelOne	Static AI - Malicious PE
FireEye	Gen:Variant.Application.Tedy.197228
Jiangmin	HackTool.DriverLoader.jp
Webroot	W32.Trojan.TR.Hacktool.cgnuo
Google	Detected
Avira	TR/Hacktool.cgnuo
Antiy-AVL	Trojan/Win64.SGeneric
Kingsoft	Win32.HackTool.DriverLoader.gen
Gridinsoft	Ransom.Win64.Sabsik.oa!s1
Microsoft	HackTool:Win32/Vigorf.A
ZoneAlarm	HEUR:HackTool.Win32.DriverLoader.gen
GData	Gen:Variant.Application.Tedy.197228
Varist	W64/Hacktool.W.gen!Eldorado
AhnLab-V3	Malware/Win.Generic.R478274
McAfee	RDN/Generic PUP.z
DeepInstinct	MALICIOUS
Malwarebytes	GameHack.HackTool.RiskWare.DDS
Ikarus	Trojan.Win64.Krypt
TrendMicro-HouseCall	TROJ_GEN.R002H0CJ624
Tencent	Malware.Win32.Gencirc.115d5335
Yandex	Riskware.GameHack!YMzRusd+G4g
huorong	HackTool/DriverLoader.b
MaxSecure	Trojan.Malware.180765853.susgen
Fortinet	Adware/GameHack

00000000.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All