Summary | ZeroBOX

clitoritissR.exe

Generic Malware Malicious Library ASPack UPX PE File OS Processor Check PE32
Category FILE
Machine s1_win7_x6403_us
Started Oct. 27, 2024, 11:47 a.m.
Completed Oct. 27, 2024, 12:09 p.m.
Size 189.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 03b6be8fed80988489e171c7092d9541
SHA256 e66fe85a6a0b7c2dd85c4e8d884832f5b358de27f77b64ee6673ed1b7acd1d96
CRC32 58D140D4
ssdeep 3072:gA+MPNsjU+g/Pu92PkWMW50y4jrv34ClUCezULLtfYJpjcvnopvLRlpr7IlC/T8f:HJPxktlKIwJpjcwhLRlF3jCv
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • ASPack_Zero - ASPack packed file
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GetComputerNameW

computer_name: TEST22-PC
1 1 0

GlobalMemoryStatusEx

1 1 0

NtAllocateVirtualMemory

process_identifier: 1680
region_size: 53248
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00230000
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
process_handle: 0xffffffff
1 0 0
file C:\Users\test22\AppData\Roaming\Jaxx\Local Storage\wallet.dat
file C:\Windows\System32\VBoxService.exe
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Azorult.4!c
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.Generic.cm
ALYac Gen:Variant.Lazy.484341
Cylance Unsafe
VIPRE Gen:Variant.Lazy.484341
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Gen:Variant.Lazy.484341
K7GW Trojan ( 0058ba351 )
K7AntiVirus Trojan ( 0058ba351 )
Arcabit Trojan.Lazy.D763F5
VirIT Trojan.Win32.GenX.AG
Symantec ML.Attribute.HighConfidence
Elastic Windows.Generic.Threat
ESET-NOD32 a variant of Win32/GenKryptik.FMVX
APEX Malicious
Avast Win32:CrypterX-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:Win32/Azorult.9556c3f6
MicroWorld-eScan Gen:Variant.Lazy.484341
Rising Trojan.Kryptik!8.8 (TFE:5:24ym6yZErqO)
Emsisoft Gen:Variant.Lazy.484341 (B)
F-Secure Heuristic.HEUR/AGEN.1317648
Zillya Trojan.GenKryptik.Win32.939636
McAfeeD Real Protect-LS!03B6BE8FED80
Trapmine suspicious.low.ml.score
CTX exe.trojan.azorult
Sophos Troj/Krypt-AKG
SentinelOne Static AI - Malicious PE
FireEye Generic.mg.03b6be8fed809884
Jiangmin Trojan.Lazy.f
Google Detected
Avira HEUR/AGEN.1317648
Antiy-AVL Trojan/Win32.GenKryptik
Kingsoft Win32.Trojan.Sdum.gen
Gridinsoft Ransom.Win32.AzorUlt.sa
Microsoft Trojan:Win32/Azorult.C!MTB
ViRobot Trojan.Win.Z.Lazy.194048.G
ZoneAlarm UDS:DangerousObject.Multi.Generic
GData Gen:Variant.Lazy.484341
Varist W32/ABTrojan.FQVB-8311
AhnLab-V3 Trojan/Win.Generic.R663270
McAfee Artemis!03B6BE8FED80
DeepInstinct MALICIOUS
VBA32 BScope.Trojan.Sabsik.FL
Malwarebytes Trojan.KoiLoader
Ikarus Trojan.Win32.Krypt
Panda Trj/GdSda.A