Summary | ZeroBOX

Client.exe

AsyncRAT, .NET framework(MSIL), UPX, Malicious Library, Malicious Packer, .NET EXE, PE File, OS Processor Check, PE32
Category FILE
Machine s1_win7_x6401
Started Jan. 12, 2025, 2:32 p.m.
Completed Jan. 12, 2025, 3:06 p.m.
Size 45.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b6811a1daca8cfda16da0f730c174133
SHA256 d5619e740a38ee0c894dd17051419306c4b35ad55a1558854ed82527a4aa736c
CRC32 242D3BB1
ssdeep 768:9ujY21TUET1/WUT1V9mo2qz4KjPGaG6PIyzjbFgX3iaIqH5jdrK9APGuU2BDZzx:9ujY21TU0r21KTkDy3bCXSeHrKqPfdzx
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • AsyncRat - AsyncRat Payload
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.AsyncRat.m!c
CAT-QuickHeal Trojan.IgenericFC.S14890850
Skyhigh BehavesLike.Win32.Fareit.pm
ALYac Generic.AsyncRAT.Marte.B.CB87A3DB
Cylance Unsafe
VIPRE Trojan.GenericKD.75331276
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKD.75331276
K7GW Trojan ( 005678321 )
K7AntiVirus Trojan ( 005678321 )
Arcabit Trojan.Generic.D47D76CC
VirIT Trojan.Win32.MSIL_Heur.A
Symantec ML.Attribute.HighConfidence
Elastic Windows.Generic.Threat
ESET-NOD32 a variant of MSIL/AsyncRAT.A
APEX Malicious
Avast Win32:DropperX-gen [Drp]
ClamAV Win.Packed.Razy-9625918-0
Alibaba Backdoor:MSIL/AsyncRat.a94f5a8e
NANO-Antivirus Trojan.Win32.Crysan.kutacx
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik
MicroWorld-eScan Trojan.GenericKD.75331276
Rising Trojan.AntiVM!1.CF63 (CLASSIC)
Emsisoft Trojan.GenericKD.75331276 (B)
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.Siggen9.56514
Zillya Backdoor.Crysan.Win32.425
TrendMicro Backdoor.MSIL.ASYNCRAT.SMXSR
McAfeeD ti!D5619E740A38
Trapmine suspicious.low.ml.score
CTX exe.trojan.msil
Sophos Troj/AsyncRat-B
SentinelOne Static AI - Malicious PE
FireEye Generic.mg.b6811a1daca8cfda
Jiangmin Backdoor.MSIL.gguk
Google Detected
Avira TR/Dropper.Gen
Kingsoft MSIL.Backdoor.Crysan.gen
Gridinsoft Trojan.Win32.Agent.sa
Xcitium Malware@#czu07jwtiaha
Microsoft Backdoor:MSIL/AsyncRat.AD!MTB
GData MSIL.Backdoor.DCRat.D
Varist W32/Samas.B.gen!Eldorado
McAfee Fareit-FZT!B6811A1DACA8
DeepInstinct MALICIOUS
VBA32 OScope.Backdoor.MSIL.Crysan
Malwarebytes Generic.Malware.AI.DDS
Ikarus Backdoor.AsyncRat