Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Nov. 13, 2024, 1:55 p.m.	Nov. 13, 2024, 1:59 p.m.

Size	3.7MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`06d9c1f5142610b929557ea6e6005a63`
SHA256	`165356f1cdd243a49c95d3df02069391e079b8ef40302bb887cc146818fa84a4`
CRC32	`C0DA138A`
ssdeep	`49152:c4/6eXhp59mEp7nUX7IU6ivGtlqaVwASOrfmrTEbTRjkek2FjufBaCOh5PaOcegJ:c4/6Ep+Y39mHqWN2K4E+gPdo`
PDB Path	C:\Users\AxonDGJOGO\Downloads\ZenixLoader\x64\Release\Zenix.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature ftp_command - ftp command Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

No Suricata Alerts

No Suricata TLS

pdb_path

C:\Users\AxonDGJOGO\Downloads\ZenixLoader\x64\Release\Zenix.pdb

Bkav	W64.AIDetectMalware
Lionic	Trojan.Win32.CryptInject.4!c
MicroWorld-eScan	Trojan.Generic.36468687
Skyhigh	BehavesLike.Win64.Emotet.wh
ALYac	Trojan.Generic.36468687
Cylance	Unsafe
VIPRE	Trojan.Generic.36468687
CrowdStrike	win/malicious_confidence_90% (W)
BitDefender	Trojan.Generic.36468687
K7GW	Trojan ( 005b5b891 )
K7AntiVirus	Trojan ( 005b5b891 )
Arcabit	Trojan.Generic.D22C77CF
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/Riskware.GameHack.AK
APEX	Malicious
Avast	Win64:DangerousSig [Trj]
Cynet	Malicious (score: 100)
Kaspersky	UDS:DangerousObject.Multi.Generic
Alibaba	Trojan:Win64/CryptInject.666abc35
Rising	Trojan.MalCert!1.BA19 (CLASSIC)
Emsisoft	Trojan.Generic.36468687 (B)
F-Secure	Heuristic.HEUR/AGEN.1371820
Zillya	Tool.GameHack.Win64.2733
McAfeeD	ti!165356F1CDD2
CTX	exe.trojan.cryptinject
Sophos	Mal/Generic-S
SentinelOne	Static AI - Malicious PE
FireEye	Trojan.Generic.36468687
Google	Detected
Avira	HEUR/AGEN.1371820
Antiy-AVL	Trojan/Win64.CryptInject
Kingsoft	Win32.Troj.Unknown.a
Xcitium	ApplicUnwnt@#g235t1go6j5d
Microsoft	Trojan:Win64/CryptInject.SIC!MTB
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Trojan.Generic.36468687
Varist	W64/Agent.IDJ.gen!Eldorado
Acronis	suspicious
McAfee	Artemis!06D9C1F51426
DeepInstinct	MALICIOUS
Malwarebytes	Crypt.Trojan.MSIL.DDS
Ikarus	Trojan.Win64.Krypt
Panda	Trj/GdSda.A
Tencent	Win64.Trojan.Agent.Mjgl
Fortinet	W64/GenKryptik.GHEK!tr
AVG	Win64:DangerousSig [Trj]
Paloalto	generic.ml

RuntimeBrikon.exe