Created | 2021.04.01 15:21 | Machine | s1_win7_x6401 |
Filename | oikz5qpn.tar | ||
Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
AI Score | | ||
Behavior Score | | ||
ZERO API | file : malware | ||
VT API (file) | 36 detected (malicious, high confidence, GenericKD, Dridex, Save, Attribute, HighConfidence, Kryptik, HKFC, Cridex, dGZlOgUe5oHeB4TeVA, ohmhn@0, kcloud, Wacapew, Wacatac, R375024, ai score=80, Unsafe, Score, PossibleThreat, GdSda, HgkASRwA) | ||
md5 | 9143a373da62638070883e5069574176 | ||
sha256 | 7f721141b9a5d5ee1bedc9729e3b5003cb2d161305b046090495b036e590394e | ||
ssdeep | 12288:NbHAqgIuNsQBUTGlXA21Sp3vykrYIAtUfd+G+okZ:dBCNrU6/CakrYQdZ+hZ | ||
imphash | adeae1388ccab7d5ea2c08a636428844 | ||
impfuzzy | 96:YnvHmVLMM5Gc+ZjjLLxZRrspr4vwSxmAw:YtjLtZRrsprEwS4Aw |
Signature (2cnts)
Level | Description |
---|---|
danger | File has been identified by 36 AntiVirus engines on VirusTotal as malicious |
info | This executable has a PDB path |
Rules (4cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check Signature Zero | binaries (upload) |
info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|