Report - info.zip

ZIP Format
Created: 2024.07.20 20:44
Machine: s1_win7_x6402
Filename: info.zip
Type: Zip archive data, at least v2.0 to extract
AI Score: Not found
Behavior Score: 2.2
ZERO API file: malware
VT API (file): 56 detected (malicious, high confidence, score, CoinMiner, CUGN, PhotoMiner, Threats, InArchive, AAVT, SecurityRisk, gen1, multiple detections, NSIS, ali1002002, BitCoinMiner, ddjqfi, CLASSIC, BtcMine, Solimba, Miner, Tepfer, ai score=100, Malware@#3sedq8onoin2s, Detected, R174018, Jqil, Static AI, Suspicious Archive, susgen)
md5: cbcb58ffe45c202c11bcf2070496aed6
sha256: 7126b9932dc0cdfe751340edfa7c4a14b69262eb1afd0530e6d1fdb2e25986dd
ssdeep: 98304:SyrPvG3UNpYqQLpXhHHeanDebmPL+okjWa1lu/:SyrPO3UDsdXp+z8+FWyE
imphash:
impfuzzy:
Network IP location

Signature (3cnts)

Level    Description
danger   File has been identified by 56 AntiVirus engines on VirusTotal as malicious
watch    Communicates with host for which no DNS query was performed
notice   Resolves a suspicious Top Level Domain (TLD)

Rules (1cnts)

Level   Name              Description                Collection
info    zip_file_format   ZIP file format binaries   (upload)

Network (2cnts)

Request          CC   ASN Co          IP4              Rule   ZERO
stafftest.ru     -    Unknown         -                -      malicious
211.195.221.11   KR   Korea Telecom   211.195.221.11   -      clean

Suricata ids

Similarity measure (PE file only) - Checking for service failure