Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	March 13, 2021, 11 a.m.	March 13, 2021, 11:01 a.m.

Size	195.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3be6d1c77567a69b779c54f5d5d3ed77`
SHA256	`56e4b855d6c0d2206c89fdbfc4403984da3981808c795dbd88c5c546127b8611`
CRC32	`F663A989`
ssdeep	`3072:+33eJnLRGmtZL8EVUaTa7ojh4ohS4WAYDGpWpdwtHgCyFXT8780x5yXsX:0u+aZL8EVla77oANAYWAGtHSFjj6`
PDB Path	C:\babobi\homobuj-we.pdbruntime\crypt\tmp_1872877584\bin\toyi.pdbÀBB B¬B
Yara	PE_Header_Zero - PE File Signature Zero Raccoon_Stealer_1_Zero - Raccoon Stealer win_mutex - Create or check mutex win_files_operation - Affect private profile IsPE32 - (no description) IsWindowsGUI - (no description) IsPacked - Entropy Check HasDebugData - DebugData Check HasRichSignature - Rich Signature Check

4.exe "C:\Users\test22\AppData\Local\Temp\4.exe"
5032

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\babobi\homobuj-we.pdbruntime\crypt\tmp_1872877584\bin\toyi.pdbÀBB B¬B

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

LAHUSEBUKIKUC

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 26679386 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1
__exception__ March 13, 2021, 11 a.m.	stacktrace: LocalSize+0xe4 BasepMapModuleHandle-0x31 kernel32+0x2e825 @ 0x7574e825 _lifan@8+0x1e42 4+0x25db2 @ 0x425db2 exception.instruction_r: 80 78 07 05 0f 84 27 56 02 00 f6 40 07 3f 0f 84 exception.symbol: RtlGetUserInfoHeap+0x4e RtlQueueWorkItem-0x3e7 ntdll+0x67cbf exception.instruction: cmp byte ptr [eax + 7], 5 exception.module: ntdll.dll exception.exception_code: 0xc0000005 exception.offset: 425151 exception.address: 0x77407cbf registers.esp: 1636692 registers.edi: 3145728 registers.eax: 4294967288 registers.ebp: 1636744 registers.edx: 6 registers.ebx: 0 registers.esi: 0 registers.ecx: 4564	1

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory March 13, 2021, 11 a.m.	process_identifier: 5032 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 length: 90112 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0031a000 process_handle: 0xffffffff	1	0	0

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00025200', u'virtual_address': u'0x00001000', u'entropy': 7.67223798464594, u'name': u'.text', u'virtual_size': u'0x00025124'}

entropy

7.67223798465

description

A section with a high entropy has been found

entropy

0.763496143959

description

Overall entropy of this PE file is high

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ March 13, 2021, 11 a.m.	tid: 4564 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 41 AntiVirus engines on VirusTotal as malicious (41 events)

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
McAfee	Artemis!3BE6D1C77567
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 00578e3f1 )
Alibaba	Trojan:Win32/Kryptik.b0862c65
K7GW	Trojan ( 00578e3f1 )
Arcabit	Trojan.Bulz.D5EBBB
Cyren	W32/Kryptik.DOJ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	FileRepMetagen [Malware]
Cynet	Malicious (score: 100)
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Bulz.388027
Paloalto	generic.ml
MicroWorld-eScan	Gen:Variant.Bulz.388027
Ad-Aware	Gen:Variant.Bulz.388027
Emsisoft	Gen:Variant.Bulz.388027 (B)
McAfee-GW-Edition	BehavesLike.Win32.Trojan.cc
FireEye	Generic.mg.3be6d1c77567a69b
Sophos	ML/PE-A
Ikarus	Trojan-Banker.UrSnif
Kingsoft	Win32.PSWTroj.Undef.(kcloud)
Microsoft	Trojan:Win32/Glupteba!ml
AegisLab	Trojan.Win32.Bulz.4!c
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Gen:Variant.Bulz.388027
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34608.mqW@a0yxlBT
ALYac	Gen:Variant.Bulz.388027
MAX	malware (ai score=84)
Malwarebytes	Malware.AI.2398949046
Rising	Malware.Heuristic!ET#92% (RDMK:cmRtazpr9tvRQdl8i9N/UEmrwmSq)
SentinelOne	Static AI - Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Webroot	W32.Trojan.Gen
AVG	FileRepMetagen [Malware]
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	Win32/Trojan.Generic.HgIASQoA

4.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All