Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	April 7, 2025, 9:58 a.m.	April 7, 2025, 10:01 a.m.

Size	140.5KB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`efc7c1d297e62692b01aa19e04b003f2`
SHA256	`4470ca1e8fbf3c32e79b2e012963b9a148f4bba0e386ce425566f563a6feac06`
CRC32	`5C4E2491`
ssdeep	`3072:3quf5ohFrwtb6nFBN8Dd2XEtrJAZNPFuQ:3tohFrwcnFCd2XEs4Q`
Yara	PE_Header_Zero - PE File Signature Malicious_Library_Zero - Malicious_Library IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

_RDATA

File has been identified by 53 AntiVirus engines on VirusTotal as malicious (50 out of 53 events)

Lionic	Trojan.Win32.Redcap.4!c
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojan.Ghanarava.1733028476b003f2
Skyhigh	Artemis!Trojan
ALYac	Trojan.GenericKD.65964350
Cylance	Unsafe
VIPRE	Trojan.GenericKD.65964350
Sangfor	Exploit.Win64.CVE.Vdul
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.65964350
K7GW	Riskware ( 0040eff71 )
K7AntiVirus	Riskware ( 0040eff71 )
Arcabit	Trojan.Generic.D3EE893E
VirIT	Trojan.Win64.Genus.HHM
Symantec	ML.Attribute.HighConfidence
Elastic	Windows.Exploit.IoRing
ESET-NOD32	a variant of Win32/Exploit.CVE-2023-21768.A
APEX	Malicious
Avast	Win64:ExploitX-gen [Expl]
Alibaba	Exploit:Application/CVE-2023-21768.a5598091
MicroWorld-eScan	Trojan.GenericKD.65964350
Rising	Exploit.CVE-2023-21768!8.17CE6 (TFE:5:UgNWwTKzlAQ)
Emsisoft	Trojan.GenericKD.65964350 (B)
F-Secure	Trojan.TR/Redcap.syvqb
Zillya	Exploit.CVE202321768.Win32.2
TrendMicro	TROJ_GEN.R002C0PCN23
CTX	exe.trojan.generic
Sophos	Exp/2321768-A
FireEye	Trojan.GenericKD.65964350
Jiangmin	HackTool.Convagent.cp
Google	Detected
Avira	TR/Redcap.syvqb
Antiy-AVL	Trojan[Exploit]/Win32.CVE-2023-21768
Xcitium	Malware@#3gc0cfy764mto
Microsoft	Trojan:Win64/CVE-2023-21768!MSR
ZoneAlarm	Exp/2321768-A
GData	Trojan.GenericKD.65964350
Varist	W64/ABApplication.NKKF-2365
AhnLab-V3	Trojan/Win.Generic.C5583258
McAfee	Artemis!EFC7C1D297E6
DeepInstinct	MALICIOUS
VBA32	Trojan.Win64.CVE_2023_
Malwarebytes	Malware.AI.80518804
Ikarus	Trojan.SuspectCRC
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002C0PCN23
Tencent	Malware.Win32.Gencirc.11bbe91e
huorong	Exploit/CVE-2023-21768.a
MaxSecure	Trojan.Malware.204540015.susgen
Fortinet	W64/CVE_2023_21768.A!exploit

edge-updater.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All