Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	May 1, 2025, 9:59 a.m.	May 1, 2025, 10:02 a.m.

Size	289.0KB
Type	MS-DOS executable
MD5	`a060f805ad243ff1c98778d0bcee935e`
SHA256	`0d257dafbf5ad79f01ad58372eb46ac6795f16ebdd2e9edc3b1bee393430f4a8`
CRC32	`86313E4E`
ssdeep	`6144:8LcTIjJ1kCXMlviI9X6PLghTi2XDS/A/evqLjlvEE:8LWcdCviumghTi2zt2iLjl3`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) IsDLL - (no description) HKTL_CobaltStrike_Beacon_Strings - Identifies strings used in Cobalt Strike Beacon DLL Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

ClamAV	Win.Trojan.Cobaltstrike-10011492-0
ALYac	Trojan.Beacon.Shellcode.Marte.1
VIPRE	Trojan.Beacon.Shellcode.Marte.1
BitDefender	Trojan.Beacon.Shellcode.Marte.1
Arcabit	Trojan.Beacon.Shellcode.Marte.1
Symantec	Trojan Horse
Avast	Win64:CobaltStrike-B [Trj]
Kaspersky	HEUR:Trojan.Win32.CobaltStrike.gen
Alibaba	Trojan:Win32/CobaltStrike.04b60947
MicroWorld-eScan	Trojan.Beacon.Shellcode.Marte.1
Emsisoft	Trojan.Beacon.Shellcode.Marte.1 (B)
CTX	dll.trojan.beacon
Sophos	ATK/Swrort-FU
Google	Detected
Gridinsoft	Susp.U.XOREncoded.sd!yf
Microsoft	Trojan:Win32/Sonbokli.A!cl
ZoneAlarm	ATK/Swrort-FU
GData	Trojan.Beacon.Shellcode.Marte.1
huorong	Backdoor/CobaltStrike.af
AVG	Win64:CobaltStrike-B [Trj]
alibabacloud	Backdoor:Win/CobaltStrike.BeaconLoader.A

sc.bin