Sample name: | 9NBx4Vmiuj.exerenamed because original name is a hash value |
Original sample name: | 1d562eaa3e33451a40f60c976c6f4bc0.exe |
Analysis ID: | 1416004 |
MD5: | 1d562eaa3e33451a40f60c976c6f4bc0 |
SHA1: | de0f3e027e12162388ec953936857f06b71487ca |
SHA256: | dde68755fa515158e01e3e8f2b90772dc86e25b7e2684fc5066a5e33ee22b614 |
Tags: | 64exetrojan |
Infos: | |
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
XWorm | Malware with wide range of capabilities ranging from RAT to ransomware. | No Attribution |
|
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
zgRAT | zgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on. | No Attribution |
|
AV Detection |
---|
Source: |
Avira: |
Source: |
URL Reputation: |
||
Source: |
Avira URL Cloud: |
Source: |
Avira: |
||
Source: |
Avira: |
||
Source: |
Avira: |
Source: |
Malware Configuration Extractor: |
Source: |
ReversingLabs: |
||
Source: |
ReversingLabs: |
||
Source: |
ReversingLabs: |
Source: |
ReversingLabs: |
Source: |
Joe Sandbox ML: |
||
Source: |
Joe Sandbox ML: |
||
Source: |
Joe Sandbox ML: |
Source: |
Joe Sandbox ML: |
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
||
Source: |
String decryptor: |
Source: |
HTTPS traffic detected: |
Source: |
Static PE information: |
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
||
Source: |
Binary string: |
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior | ||
Source: |
Key opened: |
Jump to behavior |
Networking |
---|
Source: |
Snort IDS: |
Source: |
TCP traffic: |
Source: |
DNS query: |
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
Source: |
TCP traffic: |
||
Source: |
TCP traffic: |
Source: |
HTTP traffic detected: |