popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

wvckkhost.exe

Malicious Library UPX Malicious Packer ftp PE64 PE File OS Processor Check
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us March 30, 2025, 2:08 p.m. March 30, 2025, 2:11 p.m.
Size 2.8MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 cfc1981a3c3b8ddc41de5a60103f2250
SHA256 042ffb105b3f2ef6323986451ac747914bec45efde319cfa409a015b6a96c8c8
CRC32 5CCCA22F
ssdeep 49152:rfHIOZyx3xOw1pY9DC2DvyxYAEMqv+LHtVT8+HEV/SoaplqeEKDVyqY6r:8MwYzv6YWHhpl1EKDVyUr
PDB Path D:\A = myProject\FIVEM CHEAT == KIKO ==\PROJECT FIVEM KIKO LOADER ALL IN ONE\EXE\Wexize-V2-main\Wexize-V2-main\x64\Release\wvckkhost.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • ftp_command - ftp command
  • Malicious_Packer_Zero - Malicious Packer
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path D:\A = myProject\FIVEM CHEAT == KIKO ==\PROJECT FIVEM KIKO LOADER ALL IN ONE\EXE\Wexize-V2-main\Wexize-V2-main\x64\Release\wvckkhost.pdb
section {u'size_of_data': u'0x000ca200', u'virtual_address': u'0x001f8000', u'entropy': 7.335268084743556, u'name': u'.data', u'virtual_size': u'0x000cd228'} entropy 7.33526808474 description A section with a high entropy has been found
entropy 0.280875455967 description Overall entropy of this PE file is high
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Ghanarava.17430521683f2250
Skyhigh BehavesLike.Win64.Downloader.vc
ALYac Gen:Variant.Lazy.518164
Cylance Unsafe
VIPRE Gen:Variant.Lazy.518164
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Lazy.518164
K7GW Trojan ( 005c449c1 )
K7AntiVirus Trojan ( 005c449c1 )
Arcabit Trojan.Lazy.D7E814
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/GenKryptik.HHNC
APEX Malicious
Avast Win64:CrypterX-gen [Trj]
ClamAV Win.Malware.Sabsik-10038319-0
Alibaba Trojan:Win64/GenKryptik.df16e295
MicroWorld-eScan Gen:Variant.Lazy.518164
Rising Trojan.Kryptik!8.8 (CLOUD)
Emsisoft Gen:Variant.Lazy.518164 (B)
F-Secure Heuristic.HEUR/AGEN.1366896
McAfeeD ti!042FFB105B3F
Trapmine malicious.moderate.ml.score
CTX exe.trojan.genkryptik
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Gen:Variant.Lazy.518164
Google Detected
Avira HEUR/AGEN.1366896
Antiy-AVL Trojan/Win64.GenKryptik
Gridinsoft Ransom.Win64.Sabsik.sa
Microsoft Trojan:Win32/Wacatac.B!ml
GData Gen:Variant.Lazy.518164
Varist W64/ABTrojan.JUKO-3943
AhnLab-V3 Trojan/Win.Generic.R693436
McAfee Artemis!CFC1981A3C3B
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.329525829
Ikarus Trojan.Win64.Krypt
Panda Trj/Chgt.AD
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9V
Tencent Malware.Win32.Gencirc.145c6492
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/GenKryptik.HHNC!tr
AVG Win64:CrypterX-gen [Trj]
alibabacloud Trojan:Win/GenKryptik_AGen.YX