Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	April 7, 2025, 10:01 a.m.	April 7, 2025, 10:05 a.m.

Size	797.5KB
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`842526afcbc5e4567e84a1375d597df8`
SHA256	`509843bba178671ba718f531b6f6459d299870228ee569c67951aa86369a15c6`
CRC32	`EBBCC30A`
ssdeep	`24576:rCDAjCPps7W325iovvQAz7IDx1z7+Z0On2n46UYT:SAjys7tNQJ/W2n4`
PDB Path	C:\Users\D0NN3T\Documents\workspace\chams\x64\Release\ImGui Standalone.pdb
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) IsDLL - (no description) Network_Downloader - File Downloader Malicious_Packer_Zero - Malicious Packer Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\Users\D0NN3T\Documents\workspace\chams\x64\Release\ImGui Standalone.pdb

File has been identified by 55 AntiVirus engines on VirusTotal as malicious (50 out of 55 events)

Bkav	W32.Common.C6830EB1
Lionic	Trojan.Win32.Agent.Y!c
MicroWorld-eScan	Trojan.GenericKD.75912052
CAT-QuickHeal	Trojan.Win64RI.S35352211
Skyhigh	BehavesLike.Win64.Generic.bh
ALYac	Trojan.GenericKD.75912052
Cylance	Unsafe
VIPRE	Trojan.GenericKD.75912052
CrowdStrike	win/malicious_confidence_90% (W)
BitDefender	Trojan.GenericKD.75912052
K7GW	Trojan-Downloader ( 005b743b1 )
K7AntiVirus	Trojan-Downloader ( 005b743b1 )
Arcabit	Trojan.Generic.D4865374
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/TrojanDownloader.Agent.AVM
Avast	Win64:DropperX-gen [Drp]
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win64.Agent.qwkvez
Alibaba	TrojanDownloader:Win64/DropperX.237a4ab9
NANO-Antivirus	Trojan.Win64.Mlw.kvwuhd
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
Emsisoft	Trojan.GenericKD.75912052 (B)
F-Secure	Trojan.TR/Dldr.Agent.qcmep
DrWeb	Trojan.DownLoader47.61594
Zillya	Trojan.Agent.Win64.56975
CTX	dll.trojan.generic
Sophos	Mal/Generic-S
FireEye	Trojan.GenericKD.75912052
Jiangmin	Trojan.Agent.ewvz
Webroot	W32.Malware.gen
Google	Detected
Avira	TR/Dldr.Agent.qcmep
Antiy-AVL	Trojan/Win64.Agent
Kingsoft	Win64.Trojan.Agent.qwkvez
Gridinsoft	Trojan.Win64.Agent.oa!s1
Microsoft	Trojan:Win32/Multiverze!rfn
ViRobot	Trojan.Win.Z.Agent.816640.QO
GData	Trojan.GenericKD.75912052
Varist	W64/Kryptik.FLN.gen!Eldorado
AhnLab-V3	Downloader/Win.AsyncRAT.R656586
McAfee	Artemis!842526AFCBC5
DeepInstinct	MALICIOUS
Malwarebytes	Trojan.ShellCode
Ikarus	Trojan-Downloader.Win64.Agent
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R023H0CC425
Tencent	Trojan.Win64.Kryptik.16001247
Yandex	Trojan.Agent!Oojlde6nN9E
huorong	TrojanDownloader/Agent.bfs

w54cez.dll

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All