Summary | ZeroBOX

document.exe

Tags: Generic Malware, Malicious Library, UPX, Malicious Packer, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6401
Started Nov. 11, 2024, 10:01 a.m.
Completed Nov. 11, 2024, 10:05 a.m.
Size 37.2MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 a92c1499dbcfff3bc5b57853f6219eec
SHA256 b4c84c53e83488f95024a23205daaf21fcfb7b311f752f6497fbd8c6655611e2
CRC32 620BDAFC
ssdeep 393216:RQgHDlanaGBXvDKtz+bhPWES4tiNQPNrIKc4gaPbUAgrO4mg396l+ZArYsFRlrN2:R3on1HvSzxAMN3FZArYs+PvAX7OZ0i
PDB Path C:\Users\runneradmin\AppData\Local\Temp\pkg.3fcc969acc52617e676dcbbb\node\out\Release\node.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
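The identifiers above (MD5, SHA256, CRC32, the PE64 and UPX tags, the PDB path, and the `section _RDATA` detail listed further down) are the things an analyst re-derives locally before trusting a sandbox verdict. The script below is an added example, not ZeroBOX code: it computes the three hashes in the same format the report shows, walks the PE headers to confirm PE32+/x86-64, flags default UPX section names and any section name outside the usual MSVC set, and recovers the PDB path from the CodeView RSDS record. The `pkg_node_build` heuristic is this example's own assumption: a `Temp\pkg.<hash>\node\out\Release\node.pdb` path is the layout the Node.js bundler pkg leaves when it fetches or builds its node binary, which would fit a 37 MB console PE and the vendors' JS/Spy and Doenerium labels, but the report itself does not state this. The PE image built by `build_constructed_sample` is constructed test input, not the real sample.

```python
"""Offline triage of a PE sample against the identifiers in a sandbox summary (added example)."""
import hashlib
import struct
import zlib

IMAGE_FILE_MACHINE_AMD64 = 0x8664      # COFF machine value for x86-64
PE32PLUS_MAGIC = 0x20B                 # optional-header magic for PE32+
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
COMMON_SECTIONS = {".text", ".rdata", ".data", ".pdata", ".idata", ".edata",
                   ".reloc", ".rsrc", ".tls", ".bss", ".CRT", ".gfids", ".00cfg"}


def file_hashes(data: bytes) -> dict:
    """MD5 and SHA256 hex digests plus CRC32 in the 8-hex-digit form the report shows."""
    return {
        "MD5": hashlib.md5(data).hexdigest(),
        "SHA256": hashlib.sha256(data).hexdigest(),
        "CRC32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
    }


def parse_pe_headers(data: bytes):
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                  # COFF file header is 20 bytes
    (magic,) = struct.unpack_from("<H", data, opt)
    sec_table = opt + opt_size
    names = []
    for i in range(nsections):                       # each IMAGE_SECTION_HEADER is 40 bytes
        raw = data[sec_table + 40 * i: sec_table + 40 * i + 8]
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return machine, magic, names


def find_pdb_path(data: bytes):
    """Recover the PDB path from a CodeView RSDS record: 'RSDS', 16-byte GUID, 4-byte age, NUL-terminated path."""
    pos = data.find(b"RSDS")
    if pos < 0:
        return None
    start = pos + 4 + 16 + 4
    end = data.find(b"\0", start)
    return data[start:end if end >= 0 else None].decode("utf-8", "replace")


def triage(data: bytes) -> dict:
    """Collect the checks an analyst would compare against the summary page."""
    machine, magic, sections = parse_pe_headers(data)
    pdb = find_pdb_path(data)
    return {
        **file_hashes(data),
        "pe64": machine == IMAGE_FILE_MACHINE_AMD64 and magic == PE32PLUS_MAGIC,
        "sections": sections,
        # Default UPX names only: a packer that renames its sections will not be caught here.
        "upx": any(n in UPX_SECTION_NAMES for n in sections),
        # Unusual names (like _RDATA in this report) are worth a look, not proof of malice.
        "nonstandard_sections": [n for n in sections if n not in COMMON_SECTIONS],
        "pdb_path": pdb,
        # Heuristic (assumption, not from the report): Temp\pkg.<hash>\node\...\node.pdb is the
        # layout the Node.js bundler pkg leaves when it fetches or builds its node binary.
        "pkg_node_build": pdb is not None and "\\pkg." in pdb and pdb.lower().endswith("node.pdb"),
    }


def build_constructed_sample(section_names, pdb_path: str) -> bytes:
    """Constructed, non-runnable PE32+ image for exercising the parser (not the real sample)."""
    opt_size = 240                                   # standard PE32+ optional header size
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, len(dos))      # e_lfanew: PE signature right after DOS header
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_AMD64, len(section_names), 0, 0, 0, opt_size, 0x22)
    opt = struct.pack("<H", PE32PLUS_MAGIC) + b"\0" * (opt_size - 2)
    secs = b"".join(struct.pack("<8s32x", n.encode("ascii")) for n in section_names)
    codeview = b"RSDS" + b"\x11" * 16 + struct.pack("<I", 1) + pdb_path.encode() + b"\0"
    return bytes(dos) + b"PE\0\0" + coff + opt + secs + codeview


if __name__ == "__main__":
    sample = build_constructed_sample(
        ["UPX0", "UPX1", ".rsrc", "_RDATA"],
        r"C:\Users\runneradmin\AppData\Local\Temp\pkg.3fcc969acc52617e676dcbbb\node\out\Release\node.pdb")
    for key, value in triage(sample).items():
        print(f"{key}: {value}")
```

On the real file, run `triage(open(path, "rb").read())` and compare `MD5`, `SHA256` and `CRC32` with the values in the summary before doing anything else; a mismatch means you are not looking at the sample the report describes. Two caveats: the UPX check keys on the default section names, so a sample whose packer renamed them shows `upx: False` even when the YARA tag says packed, and a pkg-style PDB path only tells you the carrier is a bundled Node.js runtime; the bundled JavaScript, not the node binary, is what the stealer verdicts refer to, so unpacking and extracting the bundle is the next step, not the end of the analysis.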

Hosts (Name / Response / Post-Analysis Lookup)
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Signature details
pdb_path C:\Users\runneradmin\AppData\Local\Temp\pkg.3fcc969acc52617e676dcbbb\node\out\Release\node.pdb
section _RDATA

Antivirus detections (vendor, verdict)
Lionic Trojan.Win32.GenericKDQ.i!c
Cynet Malicious (score: 99)
Skyhigh Artemis
ALYac QD:Trojan.GenericKDQ.1D90F3FDAB
VIPRE QD:Trojan.GenericKDQ.1D90F3FDAB
BitDefender QD:Trojan.GenericKDQ.1D90F3FDAB
K7GW Trojan ( 005b53be1 )
K7AntiVirus Trojan ( 005b53be1 )
Arcabit QD:Trojan.GenericQ.1D90F3FDAB
Symantec ML.Attribute.HighConfidence
ESET-NOD32 JS/Spy.Agent.JE
Avast Win64:Malware-gen
Kaspersky Trojan-PSW.Win64.Doenerium.xi
Alibaba TrojanPSW:Win64/Doenerium.bdfb60ef
MicroWorld-eScan QD:Trojan.GenericKDQ.1D90F3FDAB
Rising Spyware.Agent/JS!8.12721 (CLOUD)
Emsisoft QD:Trojan.GenericKDQ.1D90F3FDAB (B)
F-Secure Trojan.TR/AVI.Agent.vcuqn
McAfeeD ti!B4C84C53E834
CTX exe.trojan.doenerium
Sophos Mal/Generic-S
FireEye QD:Trojan.GenericKDQ.1D90F3FDAB
Google Detected
Avira TR/AVI.Agent.vcuqn
Antiy-AVL Trojan[PSW]/Win64.Doenerium
Xcitium Malware@#39n7fdjwfpwz3
Microsoft Trojan:Win32/Leonem
GData QD:Trojan.GenericKDQ.1D90F3FDAB
Varist W64/ABTrojan.QECD-8858
AhnLab-V3 Trojan/Win.Hydra.C5690186
DeepInstinct MALICIOUS
VBA32 TrojanPSW.Win64.Doenerium
Ikarus Trojan.JS.Cryxos
Panda Trj/Chgt.AD
Tencent Malware.Win32.Gencirc.14202881
MaxSecure Trojan.Malware.295813175.susgen
Fortinet JS/Agent.JE!tr.spy
AVG Win64:Malware-gen
Paloalto generic.ml