Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	March 17, 2025, 9:35 a.m.	March 17, 2025, 10:04 a.m.

Size	321.5KB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`c24f479832df6c354247044c39253e9f`
SHA256	`dcefd6533f89fe2a2eaf55dadb989328884d012ce5aa19982e435dd1b2aff9ed`
CRC32	`CDA32775`
ssdeep	`6144:Ng5mGssFcjNGf4QIUMwGh/W9Py9oO6mIhA:u5mGdkYIn5h/uEb6T`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

description

oxxxxxyf.exe tried to sleep 134 seconds, actually delayed analysis time by 104 seconds

reg_key

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA Share

reg_value

C:\Users\test22\AppData\Roaming\ServiceAmd\oxxxxxyf.exe

Cynet	Malicious (score: 100)
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
Rising	Trojan.ClipBanker!8.5FB (CLOUD)
McAfeeD	ti!DCEFD6533F89
FireEye	Generic.mg.c24f479832df6c35
Microsoft	Trojan:Win32/Wacatac.B!ml
McAfee	Artemis!C24F479832DF
DeepInstinct	MALICIOUS
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	Trojan.Win32.VSX.PE04C9V
Fortinet	Malicious_Behavior.SB

oxxxxxyf.exe