popup

Report - EYWCET97LV2U.cab

Malicious Library
  1. Resubmit analysis
  2. Detailed report
ScreenShot
Created 2021.11.12 07:50 Machine s1_win7_x6401
Filename EYWCET97LV2U.cab
Type Microsoft Cabinet archive data, 287893 bytes, 1 file
AI Score Not founds Behavior Score
0.8
ZERO API file : clean
VT API (file) 22 detected (CobaltStrike, GenericKDZ, COBEACON, Donoff, CVE-2021-4044, Artemis, ai score=81, CLASSIC, s4mlTO1HeKM, PossibleThreat)
md5 0785352502e5180153c079fa6cbe1ada
sha256 89097f85954c992ab27572d63daf119b87bb75cd3785ffcc2b5615988a9a398b
ssdeep 6144:Ht289kjPMvG/Ob5606j6EJ7jnjF6LHaEaIskUTlje:N+jPMvr6+kjFqHaEdkl6
imphash
impfuzzy
  Network IP location

Signature (1cnts)

Level Description
warning File has been identified by 22 AntiVirus engines on VirusTotal as malicious

Rules (1cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids


Similarity measure (PE file only) - Checking for service failure