hbvTmbP46IIEeHP1.exe| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | May 4, 2025, 12:44 p.m. | May 4, 2025, 1:13 p.m. |
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | |
| section | .themida |
| section | .boot |
| section | {u'size_of_data': u'0x00009000', u'virtual_address': u'0x00001000', u'entropy': 7.959532651360282, u'name': u' ', u'virtual_size': u'0x00010383'} | entropy | 7.95953265136 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00007400', u'virtual_address': u'0x00012000', u'entropy': 7.9512791771593525, u'name': u' ', u'virtual_size': u'0x0001140a'} | entropy | 7.95127917716 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x00000800', u'virtual_address': u'0x00025000', u'entropy': 7.574568374013279, u'name': u' ', u'virtual_size': u'0x00000da4'} | entropy | 7.57456837401 | description | A section with a high entropy has been found | |||||||||
| section | {u'size_of_data': u'0x003cea00', u'virtual_address': u'0x00639000', u'entropy': 7.954118518581606, u'name': u'.boot', u'virtual_size': u'0x003cea00'} | entropy | 7.95411851858 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.998988384131 | description | Overall entropy of this PE file is high | |||||||||||
| Bkav | W64.AIDetectMalware |
| tehtris | Generic.Malware |
| Skyhigh | BehavesLike.Win64.CoinMiner.wc |
| ALYac | Trojan.GenericKD.75816140 |
| Cylance | Unsafe |
| VIPRE | Trojan.GenericKD.75816140 |
| Sangfor | Suspicious.Win32.Save.a |
| CrowdStrike | win/malicious_confidence_100% (W) |
| BitDefender | Trojan.GenericKD.75816140 |
| K7GW | Trojan ( 0057a4f61 ) |
| K7AntiVirus | Trojan ( 0057a4f61 ) |
| Arcabit | Trojan.Generic.D484DCCC |
| Symantec | ML.Attribute.HighConfidence |
| Elastic | malicious (high confidence) |
| ESET-NOD32 | a variant of Win64/Packed.Themida.L suspicious |
| APEX | Malicious |
| Avast | Win64:MalwareX-gen [Misc] |
| Kaspersky | Trojan.Win64.Agent.smehmm |
| MicroWorld-eScan | Trojan.GenericKD.75816140 |
| Emsisoft | Trojan.GenericKD.75816140 (B) |
| McAfeeD | Real Protect-LS!DF316BF7FC49 |
| Trapmine | malicious.high.ml.score |
| CTX | exe.trojan.generic |
| Sophos | Mal/Generic-S |
| SentinelOne | Static AI - Malicious PE |
| Detected | |
| Antiy-AVL | Trojan[Packed]/Win64.Themida |
| Gridinsoft | Trojan.Win64.Packed.sa |
| Microsoft | Trojan:Win32/Kepavll!rfn |
| ViRobot | Trojan.Win.Z.Agent.4065809 |
| GData | Trojan.GenericKD.75816140 |
| Varist | W64/ABTrojan.CQYK-5033 |
| McAfee | Artemis!DF316BF7FC49 |
| DeepInstinct | MALICIOUS |
| Malwarebytes | Malware.AI.1636464069 |
| Panda | Trj/CI.A |
| TrendMicro-HouseCall | TROJ_GEN.R002H01E325 |
| MaxSecure | Trojan.Malware.300983.susgen |
| Fortinet | Riskware/Application |
| AVG | Win64:MalwareX-gen [Misc] |
| alibabacloud | Trojan:Win/Kepavll.Gen |