Created | 2024.11.20 09:16 | Machine | s1_win7_x6401 |
Filename | dll004.dll | ||
Type | MS-DOS executable | ||
ZERO API | file : clean | ||
VT API (file) | 56 detected (AIDetectMalware, Krysh, Malicious, score, IgenericPMF, S30635993, GALG, Unsafe, confidence, 100%, Attribute, HighConfidence, Windows, M0yv, AEPX, TrojanX, Zloader, CLOUD, lyntk, Behav, Static AI, Suspicious PE, Detected, GrayWare, Wacapew, MBHS, Eldorado, R510877, GenericRXTN, Convagent, Genetic, Filecoder, susgen, Ransomware) | ||
md5 | 5361f7539eeb502ab6e09fb404a627b0 | ||
sha256 | 434100ebc74ef000ce28edc1b388174cc57a7a708a92899e0c18fa6af946cb83 | ||
ssdeep | 6144:CUpmVkWR17pyRzTFjkhu1R/vcNUWNfBSJg65UQMqc09ncB5wW/eDeiV50DErKAO9:oVAsu1VvcaWJB4g89crw1K9Dl2+ | ||
imphash | 88478c1f74f94f7e1e9654193a1e02b3 | ||
impfuzzy | 12:ocrilHNBEsTlgvyIORI/R/rf4tWtWkK7OlJ8DnT/3tV9HKras6A6+uhfEXF:ocr6HTxWvyIiI/J74888lUnT/NqrT6AN |
Signature (1cnts)
Level | Description |
---|---|
danger | File has been identified by 56 AntiVirus engines on VirusTotal as malicious |
Rules (3cnts)
Level | Name | Description | Collection |
---|---|---|---|
info | IsDLL | (no description) | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
EAT(Export Address Table) Library
0x235840 _a@4