Summary | ZeroBOX

m73.dll

Trickbot
Category FILE
Machine s1_win7_x6401
Started March 16, 2021, 12:11 p.m.
Completed March 16, 2021, 12:11 p.m.
Size 400.0KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 e6773f8149a687f25aadcf88f1dcbe07
SHA256 a8860ec41711e5a40dc818afd756800b1913bfc7bd724048e0832282cb09a6ac
CRC32 DE76B705
ssdeep 6144:BfGM0U8I1GAlQr3sDv5oqzuHsKP2QFyr0InvcsYp/nG0JJcz:wDU8I1XlQQ2BHsy2QFpx9pVJCz
Yara
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • Win_Trojan_Trickbot_Zero - Used Trickbot
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

A section with a high entropy has been found: section .rdata, virtual_address 0x00001000, virtual_size 0x0003f97f, size_of_data 0x0003fa00, entropy 7.09227129001748
Overall entropy of this PE file is high: entropy 0.637844611529
FireEye Generic.mg.e6773f8149a687f2
McAfee Trojan-FTJO!E6773F8149A6
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (W)
Alibaba Trojan:Win32/Trickpak.b47e9498
K7GW Trojan ( 005785d41 )
K7AntiVirus Trojan ( 005785d41 )
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Kryptik.HJQZ
APEX Malicious
Paloalto generic.ml
Kaspersky Trojan.Win32.Trickpak.dm
NANO-Antivirus Trojan.Win32.Trickpak.inktqv
Avast Win32:BankerX-gen [Trj]
Rising Trojan.Trickpak!8.122C7 (CLOUD)
F-Secure Trojan.TR/Redcap.wzwyr
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R011C0DBS21
McAfee-GW-Edition Trojan-FTJO!E6773F8149A6
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
Avira TR/Redcap.wzwyr
Antiy-AVL Trojan/Win32.Kryptik
Microsoft Trojan:Win32/TrickBot.DM!MTB
ZoneAlarm Trojan.Win32.Trickpak.dm
GData Win32.Trojan-Spy.TrickBot.7JOAX4
Cynet Malicious (score: 85)
Malwarebytes Trojan.TrickBot
TrendMicro-HouseCall TROJ_GEN.R011C0DBS21
Ikarus Trojan-Spy.Win32.TrickBot
MaxSecure Trojan.Malware.115355656.susgen
Fortinet W32/PossibleThreat
AVG Win32:BankerX-gen [Trj]
Panda Trj/GdSda.A