Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	April 14, 2025, 10:30 a.m.	April 14, 2025, 10:41 a.m.

Size	45.0KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`0b9fd78ef6d6bd52a6d581a05956d2b7`
SHA256	`05dfe98814b9a352144290d82d6b46ddcb7c8a4b6bbc3f1976525fde525b5ecb`
CRC32	`CDC6C342`
ssdeep	`768:uuQItT/QUscWUCezGmo2q82R5+9iLa/1ZPIUYmzjbBgX3i2iZiTvA8Alaj1zBDZY:uuQItT/Lm2CwiO/1W9m3buXS2ZzLcY10`
Yara	PE_Header_Zero - PE File Signature Malicious_Library_Zero - Malicious_Library Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult Is_DotNET_EXE - (no description) AsyncRat - AsyncRat Payload IsPE32 - (no description) Malicious_Packer_Zero - Malicious Packer OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
185.246.113.135	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Communicates with host for which no DNS query was performed (1 event)

host

185.246.113.135

File has been identified by 60 AntiVirus engines on VirusTotal as malicious (50 out of 60 events)

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.AsyncRAT.m!c
CAT-QuickHeal	Trojan.IgenericFC.S14890850
Skyhigh	BehavesLike.Win32.Fareit.pm
ALYac	Generic.AsyncRAT.Marte.B.84CCE0ED
Cylance	Unsafe
VIPRE	Generic.AsyncRAT.Marte.B.84CCE0ED
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Generic.AsyncRAT.Marte.B.84CCE0ED
K7GW	Trojan ( 005c228f1 )
K7AntiVirus	Trojan ( 005c228f1 )
Arcabit	Generic.AsyncRAT.Marte.B.84CCE0ED
VirIT	Trojan.Win32.MSIL_Heur.A
Symantec	Backdoor.ASync!g2
Elastic	Windows.Generic.Threat
ESET-NOD32	a variant of MSIL/AsyncRAT.A
APEX	Malicious
Avast	Win32:MalwareX-gen [Drp]
ClamAV	Win.Packed.Razy-9625918-0
Kaspersky	HEUR:Backdoor.MSIL.Crysan.gen
Alibaba	Backdoor:MSIL/AsyncRat.357265d8
SUPERAntiSpyware	Trojan.Agent/Gen-Kryptik
MicroWorld-eScan	Generic.AsyncRAT.Marte.B.84CCE0ED
Rising	Trojan.AntiVM!1.CF63 (CLASSIC)
Emsisoft	Generic.AsyncRAT.Marte.B.84CCE0ED (B)
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.Siggen9.56514
Zillya	Trojan.Agent.Win32.1341615
TrendMicro	Backdoor.MSIL.ASYNCRAT.SMXSR
McAfeeD	ti!05DFE98814B9
Trapmine	suspicious.low.ml.score
CTX	exe.trojan.msil
Sophos	Troj/AsyncRat-B
SentinelOne	Static AI - Malicious PE
Jiangmin	Backdoor.MSIL.gguk
Google	Detected
Avira	TR/Dropper.Gen
Kingsoft	malware.kb.c.1000
Gridinsoft	Trojan.Win32.Agent.sa
Microsoft	Backdoor:MSIL/AsyncRat.AD!MTB
ZoneAlarm	Troj/AsyncRat-B
GData	MSIL.Backdoor.DCRat.D
Varist	W32/Samas.B.gen!Eldorado
AhnLab-V3	Malware/Win32.RL_Generic.C3558490
McAfee	Fareit-FZT!0B9FD78EF6D6
DeepInstinct	MALICIOUS
VBA32	OScope.Backdoor.MSIL.Crysan
Malwarebytes	Generic.Malware.AI.DDS
Ikarus	Backdoor.AsyncRat

1.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All