nemesis.dll| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | Jan. 10, 2025, 11:53 a.m. | Jan. 10, 2025, 11:55 a.m. |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| pdb_path | C:\Users\chiquinho motoserra\Desktop\INTZ LOADER\x64\Release\nemesis2.pdb |
| section | {u'size_of_data': u'0x0037f200', u'virtual_address': u'0x000ad000', u'entropy': 7.939430967083544, u'name': u'.rdata', u'virtual_size': u'0x0037f106'} | entropy | 7.93943096708 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00183e00', u'virtual_address': u'0x0042d000', u'entropy': 7.8657994298301945, u'name': u'.data', u'virtual_size': u'0x001845e8'} | entropy | 7.86579942983 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.876515798463 | description | Overall entropy of this PE file is high | |||||||||||
| Cynet | Malicious (score: 100) |
| Skyhigh | BehavesLike.Win64.Generic.tc |
| CrowdStrike | win/malicious_confidence_70% (D) |
| Elastic | Windows.Trojan.Donutloader |
| ESET-NOD32 | a variant of Win64/GameHack_AGen.OY potentially unsafe |
| Avast | Win32:Agent-BEEM [Trj] |
| ClamAV | Win.Packed.Rozena-10029918-0 |
| Kaspersky | VHO:Trojan.Win64.Donut.gen |
| Rising | Trojan.DonutLoader!1.E39F (CLASSIC) |
| McAfeeD | ti!B42EFA0FF2ED |
| Trapmine | suspicious.low.ml.score |
| SentinelOne | Static AI - Suspicious PE |
| Detected | |
| Microsoft | Program:Win32/Wacapew.C!ml |
| DeepInstinct | MALICIOUS |
| Malwarebytes | Malware.AI.2737985898 |
| Ikarus | Trojan.Win32.Generic |
| MaxSecure | Trojan.Malware.300983.susgen |
| AVG | Win32:Agent-BEEM [Trj] |