jjyvr7o8if.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | March 31, 2025, 12:06 p.m. | March 31, 2025, 12:08 p.m. |
-
jjyvr7o8if.exe "C:\Users\test22\AppData\Local\Temp\jjyvr7o8if.exe"
300 -
explorer.exe C:\Windows\Explorer.EXE
1236
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\jjyvr7o8if.exe |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\libcrypto-3.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\tk86t.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\pywintypes312.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\sqlite3.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\pythoncom312.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\tcl86t.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\python312.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\vcruntime140_1.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\libssl-3.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\zlib1.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\libffi-8.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\vcruntime140.dll |
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\python3.dll |
| section | {u'size_of_data': u'0x00dd5400', u'virtual_address': u'0x0004d000', u'entropy': 7.999090692290962, u'name': u'.rsrc', u'virtual_size': u'0x00dd53f4'} | entropy | 7.99909069229 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.99069799972 | description | Overall entropy of this PE file is high | |||||||||||
| file | C:\Users\test22\AppData\Local\Temp\onefile_300_133878676013437500\jjyvr7o8if.exe |
| Bkav | W64.AIDetectMalware |
| Lionic | Trojan.Win32.Nuitka.i!c |
| Cynet | Malicious (score: 100) |
| CAT-QuickHeal | Trojan.Ghanarava.1743277478d79481 |
| Skyhigh | BehavesLike.Win64.Dropper.tc |
| Cylance | Unsafe |
| VIPRE | Application.Generic.3953535 |
| CrowdStrike | win/malicious_confidence_100% (W) |
| BitDefender | Application.Generic.3953535 |
| K7GW | Trojan ( 005bddf51 ) |
| K7AntiVirus | Trojan ( 005bddf51 ) |
| Arcabit | Application.Generic.D3C537F |
| Symantec | ML.Attribute.HighConfidence |
| Elastic | malicious (high confidence) |
| ESET-NOD32 | Python/PSW.Agent.BUN |
| Avast | Win64:Malware-gen |
| Kaspersky | Trojan-PSW.Win64.Disco.kfk |
| Alibaba | Packed:Application/Nuitka.1d3d6582 |
| MicroWorld-eScan | Application.Generic.3953535 |
| Emsisoft | Application.Generic.3953535 (B) |
| F-Secure | Trojan.TR/PSW.Agent.oowsz |
| Zillya | Trojan.Stealer.Win32.194434 |
| McAfeeD | ti!C19FA111A64D |
| CTX | exe.trojan.nuitka |
| Sophos | Generic Reputation PUA (PUA) |
| SentinelOne | Static AI - Suspicious PE |
| FireEye | Application.Generic.3953535 |
| Detected | |
| Avira | TR/PSW.Agent.oowsz |
| Microsoft | Program:Win32/Wacapew.C!ml |
| GData | Application.Generic.3953535 |
| Varist | W64/ABApplication.ESWN-4790 |
| McAfee | Artemis!E58D52724427 |
| DeepInstinct | MALICIOUS |
| Malwarebytes | Malware.AI.1993370092 |
| Ikarus | PUA.Python.Nuitka |
| Fortinet | W64/Agent_AGen.D!tr |
| AVG | Win64:Malware-gen |
| alibabacloud | VirTool:Python/Packed.Nuitka.Y |