Summary | ZeroBOX

fastad4.exe

Malicious Library UPX ftp PE File DLL PE32
Category FILE
Machine s1_win7_x6403_us
Started Nov. 22, 2024, 3:31 p.m.
Completed Nov. 22, 2024, 3:33 p.m.
Size 47.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 7077281a1e876202fe81ad4cde09ce2f
SHA256 bb8d77352949d330e8c4af63c13b7742bfa9f0b94c608664f021b13169251a20
CRC32 F9683F8B
ssdeep 768:Vn04RNfdSXe28HjPxWlk0CoCzXtBi4PY//I0D3fmoxbxAuauIRdzOc1prIwwXbdx:d04f1SMHjZ0k/tB1g//I0DuoxbxAHsc0
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
cdn.computewall.com 104.26.2.25
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
section .ndata
file C:\Users\test22\AppData\Local\Temp\nsdC0EA.tmp\INetC.dll
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Agent.Y!c
Cynet Malicious (score: 99)
Cylance Unsafe
CrowdStrike win/malicious_confidence_70% (W)
Symantec Trojan.Gen.MBT
Elastic malicious (moderate confidence)
APEX Malicious
Avast Win32:Malware-gen
Kaspersky HEUR:Trojan.Win32.Agent.gen
F-Secure Heuristic.HEUR/AGEN.1345559
McAfeeD ti!BB8D77352949
CTX exe.trojan.agen
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Generic.mg.7077281a1e876202
Google Detected
Avira HEUR/AGEN.1345559
Antiy-AVL Trojan/Win32.Agent.gen
Kingsoft Win32.Trojan.Agent.gen
ZoneAlarm HEUR:Trojan.Win32.Agent.gen
Varist W32/ABTrojan.TVPA-7929
McAfee Artemis!7077281A1E87
DeepInstinct MALICIOUS
VBA32 suspected of Trojan.Downloader.gen
Malwarebytes Generic.Malware/Suspicious
Tencent Win32.Trojan.Agent.Osmw
AVG Win32:Malware-gen
Paloalto generic.ml