Summary | ZeroBOX

l3v0.exe

UPX, OS Processor Check, PE64, PE File
Category FILE
Machine s1_win7_x6401
Started Jan. 6, 2025, 6:32 p.m.
Completed Jan. 6, 2025, 6:34 p.m.
Size 12.0KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 bce921da7e4ed6138b0d5cb30952a855
SHA256 6def8cb28331b9b23f7c2601fc55efe8008a4d88c04286b48db42b673c0ab8e8
CRC32 401E29DD
ssdeep 192:GidoRJHb9Ee/je1v2kN5Bc9r8RsQ5tfZc3:pSPHb9EsjOH5Bi8Rs
PDB Path C:\Users\admin\Desktop\Hak.babi\Payload\C++\l3v0\x64\Release\l3v0.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
3.107.255.174 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Users\admin\Desktop\Hak.babi\Payload\C++\l3v0\x64\Release\l3v0.pdb
host 3.107.255.174
dead_host 3.107.255.174:4953
Lionic Trojan.Win32.ReverseShell.m!c
Cynet Malicious (score: 99)
CAT-QuickHeal Trojan.Ghanarava.173600951652a855
Skyhigh Artemis!Trojan
Cylance Unsafe
VIPRE Gen:Heur.Bodegun.16
Sangfor Backdoor.Win32.Reverseshell.V6sn
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Gen:Heur.Bodegun.16
K7GW Trojan ( 005966d11 )
K7AntiVirus Trojan ( 005966d11 )
Arcabit Trojan.Bodegun.16
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/ReverseShell.I
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Kaspersky Backdoor.Win32.Agent.myvtnh
Alibaba Trojan:Win64/ReverseShell.dc5864a7
NANO-Antivirus Trojan.Win64.Redcap.kunndc
MicroWorld-eScan Gen:Heur.Bodegun.16
Rising Trojan.Kryptik@AI.85 (RDML:4MADlYUV48mjphoSbwUI8g)
Emsisoft Gen:Heur.Bodegun.16 (B)
McAfeeD ti!6DEF8CB28331
CTX exe.trojan.reverseshell
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Gen:Heur.Bodegun.16
Webroot W32.Trojan.Gen
Google Detected
Avira TR/Redcap.evkdd
Antiy-AVL Trojan[Backdoor]/Win64.ReverseShell
Kingsoft Win32.Hack.Agent.myvtnh
Gridinsoft Trojan.Win64.Downloader.sa
Xcitium Malware@#32uvq5hfx0ddq
Microsoft Trojan:Win32/Wacatac.B!ml
GData Gen:Heur.Bodegun.16
Varist W64/ABTrojan.COSP-0677
AhnLab-V3 Trojan/Win.Generic.C5713819
McAfee Artemis!BCE921DA7E4E
DeepInstinct MALICIOUS
Malwarebytes Trojan.ReverseShell
Ikarus Trojan.Win64.Crypt
Tencent Win32.Backdoor.Agent.Ekjl
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/ReverseShell.I!tr
AVG Win64:MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud Trojan:Win/ReverseShell.I