popup

Report - Mysecondfamily.exe

Generic Malware Malicious Library UPX Malicious Packer OS Processor Check PE File PE64
  1. Resubmit analysis
  2. Detailed report
ScreenShot
Created 2023.08.28 17:26 Machine s1_win7_x6401
Filename Mysecondfamily.exe
Type PE32+ executable (console) x86-64, for MS Windows
AI Score Not founds Behavior Score
1.0
ZERO API file : clean
VT API (file) 8 detected (Disco, a variant of JS, Artemis, Wacapew, CLOUD, NodeA)
md5 f6fcfa4a011f9a073aa53830e78157f9
sha256 c23e150432841b0b080d0dda9bd2b9e1e2f59080c4767da6aa5efdbd8cc07d37
ssdeep 393216:V1GMxFHDV5/VaUObItMF0JLMQzcYAeLK0fgiy4fQ3MD8cZykx+3frYskNurXqGMl:VljE2PypsZa3frYPNuHMrYo
imphash 66b10d8b5718b0fd6fb4865843d44280
impfuzzy 192:JeW92FX/rbFrTisrck/gkehFpiV37W5W/bF7E:JejViMlQFpi5uIx7E
  Network IP location

Signature (4cnts)

Level Description
notice File has been identified by 8 AntiVirus engines on VirusTotal as malicious
info One or more processes crashed
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info This executable has a PDB path

Rules (7cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids


Similarity measure (PE file only) - Checking for service failure