Summary | ZeroBOX

vorpgkadeg.exe

Generic Malware Malicious Library Antivirus UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started Dec. 6, 2024, 9:28 a.m.
Completed Dec. 6, 2024, 9:31 a.m.
Size 239.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 4d58df8719d488378f0b6462b39d3c63
SHA256 ecf528593210cf58333743a790294e67535d3499994823d79a1c8d4fa40ec88d
CRC32 3C7D6163
ssdeep 3072:k1yu7KQnXARW09He9XRzD8xkMpC/SjZeEU2HpC99nzaPJE8:M/Gmd0Z4QJsadeExIfzKD
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address 154.216.17.90
Status Active
Action Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

host 154.216.17.90
dead_host 154.216.17.90:80
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Stealc.i!c
Cynet Malicious (score: 100)
CAT-QuickHeal Trojanpws.Stealerc
Skyhigh BehavesLike.Win32.Generic.dh
ALYac Gen:Variant.Zusy.567575
Cylance Unsafe
VIPRE Gen:Variant.Zusy.567575
CrowdStrike win/malicious_confidence_90% (W)
BitDefender Gen:Variant.Zusy.567575
K7GW Trojan ( 005b1c971 )
K7AntiVirus Trojan ( 005b1c971 )
Arcabit Trojan.Zusy.D8A917
VirIT Trojan.Win32.GenusT.EDMA
Symantec ML.Attribute.HighConfidence
Elastic Windows.Generic.Threat
ESET-NOD32 a variant of Win32/Stealc.B
APEX Malicious
Avast Win32:PWSX-gen [Trj]
ClamAV Win.Malware.Stealerc-10034234-0
Kaspersky Trojan-PSW.Win32.Stealerc.ool
Alibaba Trojan:Win32/LummaStealer.545d0ae7
NANO-Antivirus Virus.Win32.Gen.ccmw
MicroWorld-eScan Gen:Variant.Zusy.567575
Rising Stealer.Stealerc!8.17BE0 (TFE:4:VfAEMpoxsdU)
Emsisoft Gen:Variant.Zusy.567575 (B)
F-Secure Trojan.TR/Crypt.ZPACK.Gen
DrWeb Trojan.PWS.StealC.146
McAfeeD Real Protect-LS!4D58DF8719D4
Trapmine malicious.moderate.ml.score
CTX exe.trojan.stealc
Sophos Troj/Stealc-AAC
SentinelOne Static AI - Suspicious PE
FireEye Generic.mg.4d58df8719d48837
Webroot W32.Infostealer.Gen
Google Detected
Avira TR/Crypt.ZPACK.Gen
Antiy-AVL Trojan[PSW]/Win32.StealerC
Kingsoft malware.kb.a.997
Gridinsoft Trojan.Win32.Downloader.sa
Microsoft Trojan:Win32/LummaStealer.NCR!MTB
ViRobot Trojan.Win.Z.Zusy.244736.FP
GData Gen:Variant.Zusy.567575
AhnLab-V3 Trojan/Win.Generic.C5695369
McAfee Artemis!4D58DF8719D4
DeepInstinct MALICIOUS
VBA32 BScope.Trojan.Downloader
Malwarebytes Spyware.Stealc
Ikarus Trojan.Win32.Vidar
Panda Trj/GdSda.A