Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	April 7, 2025, 10:01 a.m.	April 7, 2025, 10:04 a.m.

Size	797.5KB
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`27eb68c2e5edab53b422fb2daa2664a6`
SHA256	`b9cbc4ea4002a202ea77ea60e0bda818ca957f96f3d0cdfaa79b1eeb40280dfd`
CRC32	`BAFD857E`
ssdeep	`24576:rCDAjCPps7W325iovvQAz7IDx1z7+Z0On2nH6UYT:SAjys7tNQJ/W2nH`
PDB Path	C:\Users\D0NN3T\Documents\workspace\chams\x64\Release\ImGui Standalone.pdb
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) IsDLL - (no description) Network_Downloader - File Downloader Malicious_Packer_Zero - Malicious Packer Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\Users\D0NN3T\Documents\workspace\chams\x64\Release\ImGui Standalone.pdb

File has been identified by 54 AntiVirus engines on VirusTotal as malicious (50 out of 54 events)

Bkav	W32.Common.C6830EB1
Lionic	Trojan.Win32.Agent.Y!c
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Win64RI.S35352211
Skyhigh	BehavesLike.Win64.Generic.bh
ALYac	Trojan.Generic.36847120
Cylance	Unsafe
VIPRE	Trojan.Generic.36847120
CrowdStrike	win/malicious_confidence_90% (W)
BitDefender	Trojan.Generic.36847120
K7GW	Trojan-Downloader ( 005b743b1 )
K7AntiVirus	Trojan-Downloader ( 005b743b1 )
Arcabit	Trojan.Generic.D2323E10
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win64/TrojanDownloader.Agent.AVM
Avast	Win64:DropperX-gen [Drp]
ClamAV	Win.Malware.Dropperx-10032607-0
Kaspersky	Trojan.Win64.Agent.qwkvez
Alibaba	TrojanDownloader:Win64/DropperX.d736a7c5
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
MicroWorld-eScan	Trojan.Generic.36847120
Emsisoft	Trojan.Generic.36847120 (B)
F-Secure	Trojan.TR/Dldr.Agent.qcmep
DrWeb	Trojan.DownLoader47.61594
Zillya	Trojan.Agent.Win64.56975
CTX	dll.trojan.generic
Sophos	Mal/Generic-S
FireEye	Trojan.Generic.36847120
Jiangmin	Trojan.Agent.ewvz
Webroot	W32.Malware.gen
Google	Detected
Avira	TR/Dldr.Agent.qcmep
Antiy-AVL	Trojan/Win64.Agent
Kingsoft	Win64.Trojan.Agent.qwkvez
Gridinsoft	Trojan.Win64.Agent.oa!s1
Microsoft	Trojan:Win32/Phonzy.A!ml
GData	Trojan.Generic.36847120
Varist	W64/Kryptik.FLN.gen!Eldorado
AhnLab-V3	Downloader/Win.AsyncRAT.R656586
McAfee	Artemis!27EB68C2E5ED
DeepInstinct	MALICIOUS
Malwarebytes	Trojan.ShellCode
Ikarus	Trojan-Downloader.Win64.Agent
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H09JI24
Tencent	Trojan.Win64.Kryptik.16001247
Yandex	Trojan.Agent!Oojlde6nN9E
huorong	TrojanDownloader/Agent.bfs
MaxSecure	Trojan.Malware.10228209.susgen

ldjsb3.dll

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All