Summary | ZeroBOX

123.exe

Malicious Library UPX Malicious Packer PE64 PE File OS Processor Check
Category FILE
Machine s1_win7_x6401
Started Feb. 24, 2025, 3:13 p.m.
Completed Feb. 24, 2025, 3:14 p.m.
Size 1.3MB
Type PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
MD5 810743a8b00d1866cb3c13c9539a1e31
SHA256 22ef29d989b832bcebd3dbe7e2bbf9255093fc8d6aac0dd4cb0db184ee8acca3
CRC32 75CB34E2
ssdeep 24576:ScecLlGGmtZIEsrb/T/vO90dL3BmAFd4A64nsfJhtDKICQosg5ha:SclRGDDIEsrb/T/vO90dL3BmAFd4A64O
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .symtab
Bkav W64.AIDetectMalware
Lionic Hacktool.Win32.Suborner.3!c
Cynet Malicious (score: 100)
ALYac Trojan.Agent.FSBE
VIPRE Trojan.Agent.FSBE
K7AntiVirus Unwanted-Program ( 0059f74a1 )
BitDefender Trojan.Agent.FSBE
K7GW Unwanted-Program ( 0059f74a1 )
Arcabit Trojan.Agent.FSBE
Symantec Trojan.Gen.MBT
tehtris Generic.Malware
APEX Malicious
Kaspersky HEUR:HackTool.Win64.Suborner.gen
Alibaba HackTool:Win64/Suborner.c9f0a33f
MicroWorld-eScan Trojan.Agent.FSBE
Rising HackTool.HiddenAccount!1.DE3F (CLASSIC)
Emsisoft Trojan.Agent.FSBE (B)
DrWeb Tool.CreateHiddenAccount.1
Zillya Tool.Agent.Win32.127754
CTX exe.hacktool.suborner
Sophos Generic Reputation PUA (PUA)
FireEye Trojan.Agent.FSBE
Google Detected
MAX malware (ai score=80)
Antiy-AVL Trojan/Win32.SGeneric
Kingsoft Win64.HackTool.Suborner.gen
Gridinsoft Trojan.Win64.Agent.sa
Microsoft Program:Win32/Wacapew.C!ml
ZoneAlarm HEUR:HackTool.Win64.Suborner.gen
GData Trojan.Agent.FSBE
Varist W64/ABApplication.NPCA-2035
McAfee Artemis!810743A8B00D
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.3627942904
Ikarus Trojan.WinGo.Agent
TrendMicro-HouseCall TROJ_GEN.R002H09BN25
huorong HackTool/AddHiddenUsers.a
Fortinet W32/PossibleThreat