Summary | ZeroBOX

gs.exe

Generic Malware UPX OS Processor Check PE32 PE File
Category FILE
Machine s1_win7_x6403_us
Started April 9, 2025, 1:43 p.m.
Completed April 9, 2025, 1:45 p.m.
Size 1.0MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 899e8f69a4b5e13049ab33b475ca98fa
SHA256 3fed869dca0c8d4262cbfb3dd8c0819eb771e3fda1cb0dd671da4379b14e8c52
CRC32 783E1323
ssdeep 24576:M7ha3luY0uMsAawT2yFsB4x95bJ73DYyXnPwHeXgTfKq:Mt8w3FsB4x91hsyXCehq
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .data (size_of_data 0x0005b600, virtual_address 0x00071000, virtual_size 0x0005bdb0, entropy 7.999189855923161): A section with a high entropy has been found
section .reloc (size_of_data 0x00008c00, virtual_address 0x00100000, virtual_size 0x00008a14, entropy 6.820241988666407): A section with a high entropy has been found
entropy 0.382704252269: Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
tehtris Generic.Malware
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Ghanarava.1744139326ca98fa
Skyhigh BehavesLike.Win32.Generic.tc
ALYac Gen:Variant.Lazy.674515
Cylance Unsafe
VIPRE Gen:Variant.Lazy.674515
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (W)
BitDefender Gen:Variant.Lazy.674515
Arcabit Trojan.Lazy.DA4AD3
VirIT Trojan.Win32.GenHeur.C
Symantec Scr.MalPbs!gen2
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/GenKryptik.HHYM
APEX Malicious
Avast Win32:DropperX-gen [Drp]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:Win32/GenKryptik.2c07c0ba
MicroWorld-eScan Gen:Variant.Lazy.674515
Rising Trojan.Obfuscator!8.9A9E (TFE:5:suWzIcHGsuD)
Emsisoft Gen:Variant.Lazy.674515 (B)
F-Secure Trojan.TR/Kryptik.guojb
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXFDIZ
McAfeeD ti!3FED869DCA0C
Trapmine malicious.moderate.ml.score
CTX exe.trojan.generic
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
Avira TR/Kryptik.guojb
Antiy-AVL GrayWare/Win32.Wacapew
Kingsoft malware.kb.a.990
Gridinsoft Trojan.Win32.Kryptik.sa
Microsoft Trojan:Win32/LummaC.GH!MTB
GData Gen:Variant.Lazy.674515
Varist W32/ABTrojan.QUWD-7415
AhnLab-V3 Infostealer/Win.LummaC2.R699274
McAfee Artemis!899E8F69A4B5
DeepInstinct MALICIOUS
Malwarebytes Generic.Malware/Suspicious
Tencent Win32.Trojan.Kryptik.Sgil
huorong HVM:VirTool/Obfuscator.gen!A
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/GenKryptik.HHUD!tr
AVG Win32:DropperX-gen [Drp]
alibabacloud Trojan:Win/LummaC.GJ8PHU